On Thu, May 12, 2016 at 12:00 PM, Gordon Sim <[email protected]> wrote:
> On 12/05/16 19:50, Justin Ross wrote: > >> Do we want to be able to apply policy to operator tools? These would be >> tools for inspecting a router or router network as a whole, not a >> particular vhost. >> > > I would think you would just authenticate as an administrator (or a user > in an administrator group). That would apply even for tools users built for > themselves. Agreed, but to clarify, that doesn't get you a policy for "operator tools". It get's you the default policy or a specific vhost policy. And it's worth asking perhaps whether users defined in the default policy are available under a vhost-bound connection. I'm guessing no. That could be a stumbling point.
