Several new or updated Policies and Best Practices have been published
in the OpenSolaris ARC community (http://www.opensolaris.org/os/community/arc/).
Architectural Best Practices
Areas where there is potential for confusion, where there are
many mostly-equal alternatives, or where someone has developed
a design pattern that can easily be reused all benefit from what
are called Best Practices. While they don't have the force
of a Policy, they still are a valuable source of good
architectural advice.
Gary Winiger (from the Role Based Authorization (RBAC)
team) has provided materials for three new architectural
best practices relating to RBAC:
When to use setuid -vs- roles and profiles
http://www.opensolaris.org/os/community/arc/bestpractices/rbac-intro/
HOWTO guide for adding RBAC authorizations
http://www.opensolaris.org/os/community/arc/bestpractices/rbac-auths/
HOWTO guide for adding RBAC Rights Profiles
http://www.opensolaris.org/os/community/arc/bestpractices/rbac-profiles/
Architectural Requirements (Policies)
These are areas where the ARC has set architectural policy that
is expected to be followed by all projects.
Joe Kowalski (with a cast of hundreds) delivered an update
to the ARC Interface Taxonomy:
http://www.opensolaris.org/os/community/arc/policies/interface-taxonomy/
Tasha Westmore and the SMF team provided the content for
a new Service Management Facility (SMF) usage policy:
http://www.opensolaris.org/os/community/arc/policies/SMF-policy/
Since the SMF policy referenced Sun's Network Install-Time
Security Policy, it was also made available:
http://www.opensolaris.org/os/community/arc/policies/NITS-policy/
http://www.opensolaris.org/os/community/arc/bestpractices/security-questions/
-John
_______________________________________________
opensolaris-discuss mailing list
[email protected]
