From owner-freebsd-current  Thu Feb 17 17:47:30 2000
Delivered-To: freebsd-current@freebsd.org
Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20])
	by hub.freebsd.org (Postfix) with ESMTP
	id C084237B8F2; Thu, 17 Feb 2000 17:47:24 -0800 (PST)
	(envelope-from bright@fw.wintelcom.net)
Received: (from bright@localhost)
	by fw.wintelcom.net (8.9.3/8.9.3) id SAA26371;
	Thu, 17 Feb 2000 18:15:43 -0800 (PST)
Date: Thu, 17 Feb 2000 18:15:43 -0800
From: Alfred Perlstein <bright@wintelcom.net>
To: current@FreeBSD.org
Cc: Mark Murray <mark@grondar.za>, committers@FreeBSD.org
Subject: Re: Crypto progress! (And a Biiiig TODO list)
Message-ID: <20000217181543.G21720@fw.wintelcom.net>
References: <200002172130.XAA23664@gratis.grondar.za> <200002180127.UAA83711@khavrinen.lcs.mit.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0.1i
In-Reply-To: <200002180127.UAA83711@khavrinen.lcs.mit.edu>; from wollman@khavrinen.lcs.mit.edu on Thu, Feb 17, 2000 at 08:27:23PM -0500
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

* Garrett Wollman <wollman@khavrinen.lcs.mit.edu> [000217 17:55] wrote:
> <<On Thu, 17 Feb 2000 23:30:31 +0200, Mark Murray <mark@grondar.za> said:
> 
> > o I want to completely dekerberise userland, and only have kerberos
> >   via PAMs. A ton of work, and I have just started with this.
> 
> Huh?  PAM is Pluggable Authentication Modules, not Pluggable Protocol
> Modules....  It's unlikely that `rlogin' (for example) could be made
> to work this way.  (Of course, Kerberized `rlogin' is currently broken
> already, and has been for months, so perhaps I'm the only person left
> who cares.)
> 
> > o A daemon that userland can query for password checking; this is to
> >   get around the current requirement that things that need master.passwd
> >   access need to be suid root. It works, but needs tidying up, review
> >   and a PAM to query it. Not far to go!
> 
> I'm very uncomfortable with requiring Yet Another Daemon to manage
> (and screw up) password checking.  Generally speaking, if I wouldn't
> trust a program with root privileges, I wouldn't trust it with my
> password, either (for obvious reasons).

Yes, but the benifits of a correct implementation are quite awesome,
a centralized logging place to dole out authentication and potentially
administratively shutdown/lockout accounts if a brute force attempt (or
other abuse) is detected.

-Alfred


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message