[OpenIndiana-discuss] Update info?

Ken Gunderson kgunders at teamcool.net
Tue May 24 00:16:32 UTC 2011


On Mon, 2011-05-23 at 17:03 -0700, Bill Sommerfeld wrote:
> On 05/23/11 16:54, Ken Gunderson wrote:
> > On Mon, 2011-05-23 at 23:29 +0200, Jeppe Toustrup wrote:
> >> The change was made upstream. See this bug report which discusses the change:
> >> https://defect.opensolaris.org/bz/show_bug.cgi?id=4885
> > 
> > And here I used to think Dave was a smart guy.... let's bork Solaris's
> > superior RBAC model so we can make it more like one of the lamest (at
> > least w.r.t. seasoned users) Linux distros out there.  Damn fine
> > analysis there....;-{
> 
> The way RBAC was configured by the opensolaris installer was flagrantly
> insecure (automatically granting any process running with the uid of the
> initial user account the ability to exec arbitrary commands as uid 0
> with all privileges)
> 
> The upstream change closes a serious security hole.
> 
> 						- Bill

Yeah, I read the thread, and that aspect I do agree with.  The part that
irked me was the this makes things more familiar for Ubuntu Linux users
(ir)rationale.

-- 
Ken Gunderson <kgunders at teamcool.net>




More information about the OpenIndiana-discuss mailing list