Date: Mon, 01 Dec 2003 18:24:25 -0800 From: Tim Kientzle <kientzle@acm.org> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: freebsd-current@freebsd.org Subject: Re: NSS and PAM Message-ID: <3FCBF7D9.10609@acm.org> In-Reply-To: <200312012250.hB1MoCMZ081007@khavrinen.lcs.mit.edu> References: <20031129011334.GC88553@madman.celabo.org> <xzpbrqw7xsb.fsf@dwp.des.no> <20031201142737.GC99428@madman.celabo.org> <xzp7k1geb6x.fsf@dwp.des.no> <20031201175925.GC244@madman.celabo.org> <xzpvfp0ch1z.fsf@dwp.des.no> <200312012250.hB1MoCMZ081007@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Garrett Wollman wrote: > <<On Mon, 01 Dec 2003 23:24:40 +0100, des@des.no (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=) said: > >>The problem is that the authentication information needs to be stored >>somewhere, and the usual solution is to store it in the directory, > > ...which is usually the worst possible place. Please don't penalize > those of us with sensible authentication systems. Care to elaborate, Garrett? I've been following this discussion with some interest, and would like to see people elucidate their positions and concerns. Both DES and Jacques have made some interesting points so far. What exactly is your "sensible authentication system"? Why is the directory "usually the worst" for storing authentication information? What do you think are the correct fracture points and how do they relate to the existing PAM/NSS frameworks? Tim
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3FCBF7D9.10609>