[OpenIndiana-discuss] Update info?

Bayard Bell buffer.g.overflow at googlemail.com
Tue May 24 13:06:08 UTC 2011


Found some further background reading from security-discuss@ for anyone looking for further technical background info:

http://opensolaris.org/jive/thread.jspa?threadID=98824
http://opensolaris.org/jive/thread.jspa?threadID=98824&tstart=210
http://opensolaris.org/jive/thread.jspa?threadID=98729&tstart=210

On 24 May 2011, at 10:42, Bayard Bell wrote:

> On 23 May 2011, at 22:29, Jeppe Toustrup wrote:
> 
>> 2011/5/23 Ken Gunderson <kgunders at teamcool.net>:
>>> On Mon, 2011-05-23 at 15:39 -0400, Alex Smith (K4RNT) wrote:
>>>> Another related question - why have we stopped using pfexec and
>>>> started using sudo? I preferred RBAC...
>>> 
>>> Have we?  I've been testing 148b and just assumed it was a defect.  If
>>> not, I concur with you that RBAC is preferrable to sudo.
>> 
>> The change was made upstream. See this bug report which discusses the change:
>> https://defect.opensolaris.org/bz/show_bug.cgi?id=4885
> 
> This looks to me like a comedy of analogical errors: it's not, for example, that Windows users no longer have access to admin privileges, it's just that asserting those privileges requires authentication. Similarly, it's not that sudo is the right way to do things in general, nor is it all that important that using sudo provides an affordance to people accustomed to using it elsewhere. It's that pfexec doesn't have a mechanism to require authentication for the assertion of particular levels of privilege, and it looks like a decision was made to kick the can down the road on that. You could follow the various offered analogies conclude not that access to root should be mediated by sudo because that's what people expect but that people rightly expect there to be an authentication requirement, in principle if not in fact, between them and access to those privileges. It wouldn't be a show-stopper to say that for most people's purposes, pfexec is like sudo, it's just called pfexec and has a different configuration system because the privileges have a different structure, if you need to edit the config files, read the fine man page. The problem is a decision was made, however implicitly or explicitly, not to fill in the functional gap and add authentication. Instead of agreeing that pfexec needed to be like sudo in this respect and making it that way, we just got sudo.
> 
> That continues to be the case because the determinative constraints haven't moved an inch. I don't see the point in the subsequent Talmudic arguments about references to Ubuntu, as the protracted argument doesn't add up to the inconsequence of the point.
> 
>> --
>> Venlig hilsen / Kind regards
>> Jeppe Toustrup (aka. Tenzer)
>> 
>> _______________________________________________
>> OpenIndiana-discuss mailing list
>> OpenIndiana-discuss at openindiana.org
>> http://openindiana.org/mailman/listinfo/openindiana-discuss
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 841 bytes
Desc: This is a digitally signed message part
URL: <http://openindiana.org/pipermail/openindiana-discuss/attachments/20110524/543b6128/attachment.bin>


More information about the OpenIndiana-discuss mailing list