This is slightly off topic, but somewhat related... one of the advantages sudo has over pfexec is that by default it asks you to re-enter your password before dishing out extra privileges.
Is there an argument for adding this to pfexec? >From my experiences, sysadmins that have to administrate boxes seem to usually >set themselves 'Primary Administrator', and if a malicious third party is able >to gain access to one of these accounts via a method that doesn't involve >knowing the password, they can get root without anything stopping them. A >password prompt would stop them in their tracks. _______________________________________________ opensolaris-discuss mailing list [email protected]
