[osiris-devel] User Access Control

David M. Fetter dfetter at pdx.edu
Tue Oct 5 16:19:06 EDT 2004 

Well, to make things simple it could be added as part of the new-user
command.  It can ask for username, password and level of access.  Then
break the commands out into commands that just list information,
commands that edit filters and/or acknowledge changes to the system or
revert back and another level for all commands (the admin accounts). 
So, there would be three levels of access, one of which would be
designated at the creation time of a new-user.  Then it could be changed
with edit-user, etc.  Basically, simply seting it up so each level of
access contains a subgroup of commands that can be executed by the new
user.  That seems to make the best sense to me and it probably wouldn't
be too horrible to add.  Finer ACLs than that I would imagine would get
tricky.

On Fri, 2004-10-01 at 23:01, Brian Wotring wrote:
> Noted.  And yes, users are equal under the current code.  Implementing 
> access control in this fashion would be easy, mostly.  The auth 
> credentials are stored in a berkeley DB.
> 
> The biggest challenge, I think, would be coming up with the UI portion 
> of this.
> 
> David M. Fetter wrote:
> > It doesn't appear that there is any sort of user access control.  From
> > what I can tell a user account is the same as the admin account. 
> > Therefore, I would like to make a request that it be included to specify
> > or restrict what commands a new user can execute within osiris.  This
> > would be a very nice feature.
> 
> _______________________________________________
> osiris-devel mailing list
> osiris-devel at lists.shmoo.com
> https://lists.shmoo.com/mailman/listinfo/osiris-devel
-- 
David M. Fetter - UNIX Systems Administrator
Portland State University - www.oit.pdx.edu
"Only those who attempt the absurd can achieve the impossible."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.shmoo.com/pipermail/osiris-devel/attachments/20041005/bc5dab07/attachment.pgp

More information about the osiris-devel mailing list