[sudo-users] RBAC .vs. SUDO

Huibert.Kivits at mail.ing.nl Huibert.Kivits at mail.ing.nl
Wed Nov 9 12:25:12 EST 2005

Hi Asif,

If logging matters to you, sudo definitely has an advantage over RBAC.
Sudo logging is very easy to read; RBAC logging is practically unreadable.

If you're managing a mixed environment (say, Solaris and AIX) and if you do want to standardize, SUDO has another important advantage, i.e., that it is supported by all Unices. AIX, for instance, does not support RBAC.

Met vriendelijke groeten / With kind regards / Mit freundlichen Grüßen / Med vänliga hälsningar / nuosirdziausi linkejimai,

Huibert Kivits

"...all too often, when organizations develop information security programs, they treat security issues as a simple 'check-box' on the list of required corporate functions."
Richard Forno & Kenneth R van Wyk, "Incident Response", O'Reilly, 2001, ISBN: 0-596-00130-4

-----Oorspronkelijk bericht-----
Van: sudo-users-bounces at courtesan.com [mailto:sudo-users-bounces at courtesan.com] Namens Asif Iqbal
Verzonden: woensdag 9 november 2005 17:06
Aan: sudo-users at sudo.ws
Onderwerp: [sudo-users] RBAC .vs. SUDO

Hi All

Any one can point me to a comparison chart or something similar on RBAC .vs. SUDO. I am using sudo on all my Solaris systems for last five years. However recently I am noticing some interest in our organization about RBAC. I personally think SUDO can achieve the same features that RBAC offer with ease but looking for opinions in this community.

Thanks for your feedback.

Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
"..there are two kinds of people: those who work and those who take the credit...try  to be in the first group;...less competition there."  - Indira Gandhi ____________________________________________________________ 
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit: http://www.sudo.ws/mailman/listinfo/sudo-users
The information in this electronic mail message is private and
confidential, and only intended for the addressee. Should you
receive this message by mistake, you are hereby notified that
any disclosure, reproduction, distribution or use of this
message is strictly prohibited. Please inform the sender by
reply transmission and delete the message without copying or
opening it.

Messages and attachments are scanned for all viruses known.
If this message contains password-protected attachments, the
files have NOT been scanned for viruses by the ING mail domain.
Always scan attachments before opening them.

More information about the sudo-users mailing list