Date: Tue, 29 May 2018 06:04:23 -0700 From: Cy Schubert <Cy.Schubert@cschubert.com> To: Rick Macklem <rmacklem@uoguelph.ca> Cc: Sean Bruno <sbruno@freebsd.org>, Cy Schubert <Cy.Schubert@cschubert.com>, Benjamin Kaduk <kaduk@mit.edu>, freebsd-arch <freebsd-arch@freebsd.org> Subject: Re: How to update or should we update Kerberos Message-ID: <201805291304.w4TD4NAr059913@slippy.cwsent.com> In-Reply-To: Message from Rick Macklem <rmacklem@uoguelph.ca> of "Tue, 29 May 2018 12:58:53 -0000." <YTOPR0101MB095376A67E0BBB4A2961F4BBDD6D0@YTOPR0101MB0953.CANPRD01.PROD.OUTLOOK.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <YTOPR0101MB095376A67E0BBB4A2961F4BBDD6D0@YTOPR0101MB0953.CAN PRD01.P ROD.OUTLOOK.COM>, Rick Macklem writes: > Sean Bruno wrote: > [stuff snipped] > >Heh, yeah, I asked this question *wrong*. I know how we use it in the > >cluster. :-) > > > >I mean to ask, "why aren't we using ports for kerberos?" What purpose > >does it serve in the base system? > Although I have no idea how many use it, both the NFS client and server can d > o > Kerberized mounts. I haven't tried, but it probably needs some bits to build > it > and if you move it to ports, there would be duplicates (and the opportunity t > o > have one change without the other introducing a hard to find bug). > > Also, I'd argue that security technology like this is pretty "core". > > I am mainly referring to the libraries and client side stuff and not the KDC. IMO the base should only contain the libraries and client side. -- Cheers, Cy Schubert <Cy.Schubert@cschubert.com> FreeBSD UNIX: <cy@FreeBSD.org> Web: http://www.FreeBSD.org The need of the many outweighs the greed of the few.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201805291304.w4TD4NAr059913>