Alan Coopersmith wrote:
John Sonnenschein wrote:
Is there a particular reason we require the Primary Administrator
profile to be in effect in order to run pkg(5) ?
Short-term adding a line like "Software
Installation:solaris:cmd:::/usr/bin/pkg:euid=0" to
/etc/security/exec_attr would allow a sysadmin to grant Software
Installation to a junior admin without requiring full privs.
Is there any real difference? Once you can install software,
you can install a package that has a setuid-root copy of /bin/sh
and get the same privileges.
I don't know that that's a very different complaint than allowing access
to pkgadd(1), which is the whole purpose of the Software Installation
profile, but yet it exists. Do people (other than pkgtool) use Software
Installation, which is to say, is it worthwhile to keep the profile at
all ? Ultimately I'd like to see pkg(5) make much heavier use of rbac(5)
& privileges(5) (including things like being able to be more
fine-grained about what sort of software a Software Installer can
install... example disallowing packages with suid )
-JohnS
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
