Date: Sun, 19 Apr 1998 04:24:29 -0600 (MDT) From: allen campbell <allenc@verinet.com> To: hackers@FreeBSD.ORG Subject: Re: Discussion : Using DHCP to obtain configuration. Message-ID: <199804191024.EAA10069@const.> In-Reply-To: <199804182328.QAA25724@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Oh.. and while I'm dreaming, how about using portalfs or similar as
> > such: mount /etc with portalfs and have a translator present all of
> > the data from the database in traditional format.
>
> This is a *terrifically* cool idea!
This simply obsoletes any idea to-date that I know of for supporting
the legacy system.
Terry, I have followed your advocacy of LDAP (or a similar alternative)
for some time now and I have some questions.
How do you address an assertion which says dependency on a database
reduces robustness because of, for instance, database corruption?
Do you disregard the assertion based on evolutionary necessity
('bite the bullet') or do you dispute that there is any significant
compromise at all?
Does a configuration database imply a client/server design and,
therefore, a daemon to implement the server, or do you expect that
a static/shared library would allow the client direct access? The
former provides for a very thin client and powerful concurrency
control (such as signaling registered clients when the hostname
changes.) The latter has the appeal of not requiring an daemon
which would be tough to support in minimalist applications. Both
perhaps?
Different parts of the configuration hierarchy have different
security requirements and this will ultimately require close
integration with the kernel for enforcement, authentication, etc.
How does that square with a user mode subsystem such as LDAP? (A
disclaimer on this one; I am not proficient enough with LDAP to
assert that this isn't already provided for, I merely suspect not.
As a database applications developer, I have learned that there is
little integration between host system security and database security
in contemporary SQL database systems.)
Allen Campbell
allenc@verinet.com
ps. This thread should be migrated to the config list.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199804191024.EAA10069>