> > Not saying the CU be damned, but just the opposite. IMO, as
> > I believe I stated this 3.5 years ago when this started, this
> > project is kludge/bandaid for lack of a proper architecture.
> > I'm saddened that such an architecture doesn't seem to be
> > forthcoming.
>
> and it is exactly because the is no better alternative that I restarted
> this case. This is a perfectly acceptable solution for many people.
> I've love to see something better with centralised (but still allowing
> very fine grained policy) in fact we used to have such a thing when Sun
> resold the BoKS product as Solstice Security Manager (and on Solaris 2.6
> it even used PAM!).
Yup, I remember it. Unfortunately it's long gone. We can lament
it over a couple whiskies later this summer.
> Feel free to derail this case for the purpose of writing an opinion to
> point out that there are still a number of areas where Solaris doesn't
> have sufficient account access controls and that a centralised
> management tool for this is needed as well. I'll gladly provide fodder
> for that opinion.
No need. There are enough folk who are well aware. And we keep
making them aware at every opportunity.
Gary..
P.S. approved at today's PSARC -- hope you're well on the mend.
