Date: Wed, 6 Dec 2000 22:59:24 -0600 (CST) From: David Talkington <dtalk@prairienet.org> To: Roop Nanuwa <roop@gw.carpoolbc.com> Cc: Michael Chong <MichaelC@fool.com>, "'hackers@FreeBSD.ORG'" <hackers@FreeBSD.ORG> Subject: Re: your mail Message-ID: <Pine.LNX.4.21.0012062249340.1353-100000@sherman.spotnet.org> In-Reply-To: <Pine.BSF.4.21.0012061845090.3711-100000@gw.carpoolbc.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> >I think what you're looking for is something similar (or exactly >like) 'sudo'.. sudo definitely helps if it's carefully administered, but it still grants root access to a file, which may not really be what you want. As a Unix advocate in general, I'm looking forward to seeing how well Sun does this. ACLs are one of the things that NTFS does well, and Unix traditionally doesn't really provide for. In an environment like ours, where we have a plethora of community members and volunteers doing various things on our Solaris system, you quickly discover the limits of sudo's ability to dispense privileges surgically without creating security holes. You can do a lot with carefully configured groups, but as the number of users increases and the system activities become more disparate, this gets complicated... My $.02 -d >On Wed, 6 Dec 2000, Michael Chong wrote: > >> I have a question about FreeBSD...is it possible to set acl's on commands? >> (eg..giving one specific user the abiltity to execute a command w/o putting >> them in a group) I'm talking about something like this: >> http://www.sunworld.com/swol-06-1998/swol-06-insidesolaris.html. Can we do >> something like this with FreeBSD? >> >> >> >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-hackers" in the body of the message >> > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-hackers" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.21.0012062249340.1353-100000>