Security Groups Policy

Frank Warmerdam warmerdam at pobox.com
Sat Jun 24 23:52:27 EDT 2006


Folks,

OK, I would now like to motion to adopt the Security Groups Policy.

   http://wiki.osgeo.org/index.php/SAC:Security_Groups_Policy

I have written up a bit of info on how the LDAP authentication works on
the client side at:

   http://wiki.osgeo.org/index.php/SAC:Setup_LDAP_Authentication

And based on that, I am convinced it will be pretty easy to configure
the /etc/sudoers file to only allow people in the Administrator group
to su to root.

Friendly ammendments to the policy are welcome.  But I don't think it
needs to be "all singing and all dancing" at this point.  We can add
new groups in the future as we need them.

Best regards,
-- 
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up   | Frank Warmerdam, warmerdam at pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush    | President OSGF, http://osgeo.org





More information about the Sac mailing list