[OpenIndiana-discuss] Update info?
Ken Gunderson
kgunders at teamcool.net
Tue May 24 00:16:32 UTC 2011
On Mon, 2011-05-23 at 17:03 -0700, Bill Sommerfeld wrote:
> On 05/23/11 16:54, Ken Gunderson wrote:
> > On Mon, 2011-05-23 at 23:29 +0200, Jeppe Toustrup wrote:
> >> The change was made upstream. See this bug report which discusses the change:
> >> https://defect.opensolaris.org/bz/show_bug.cgi?id=4885
> >
> > And here I used to think Dave was a smart guy.... let's bork Solaris's
> > superior RBAC model so we can make it more like one of the lamest (at
> > least w.r.t. seasoned users) Linux distros out there. Damn fine
> > analysis there....;-{
>
> The way RBAC was configured by the opensolaris installer was flagrantly
> insecure (automatically granting any process running with the uid of the
> initial user account the ability to exec arbitrary commands as uid 0
> with all privileges)
>
> The upstream change closes a serious security hole.
>
> - Bill
Yeah, I read the thread, and that aspect I do agree with. The part that
irked me was the this makes things more familiar for Ubuntu Linux users
(ir)rationale.
--
Ken Gunderson <kgunders at teamcool.net>
More information about the OpenIndiana-discuss
mailing list