I agree...i think the current approachis very windowsish (Pre-vista) and can only lead to problems.
2009/6/17 Moinak Ghosh <[email protected]> > On Tue, Jun 16, 2009 at 11:41 PM, Lurie<[email protected]> wrote: > >> And you're waiting for the ARC review to do that? I > >> haven't looked too closely but I'm not generally aware > >> of any security problems introduced by pfexec in OpenSolaris. > > > > By default OpenSolaris gives the default user adminstrator privileges, > allowing any program run by that user to execute anything it wants to with > root rights (just fork a new process with "pfexec ..." ...) > > That is how the Caiman Installer sets up the user profile. > Maybe the solution is to not grant all admin rights to the > user and allow him to assume root role via a password. > > Regards, > Moinak. > -- > ================================ > http://www.belenix.org/ > http://moinakg.wordpress.com/ > _______________________________________________ > opensolaris-discuss mailing list > [email protected] >
_______________________________________________ opensolaris-discuss mailing list [email protected]
