From owner-freebsd-questions  Fri Apr 20 16:17:47 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from outland.cyberwar.com (outland.cyberwar.com [208.17.174.42])
	by hub.freebsd.org (Postfix) with ESMTP id C581B37B43C
	for <questions@freebsd.org>; Fri, 20 Apr 2001 16:17:43 -0700 (PDT)
	(envelope-from anarkky@cyberwar.com)
Received: from localhost (anarkky@localhost)
	by outland.cyberwar.com (8.11.3/8.11.3) with ESMTP id f3KNHXP52189
	for <questions@freebsd.org>; Fri, 20 Apr 2001 19:17:34 -0400 (EDT)
Date: Fri, 20 Apr 2001 19:17:33 -0400 (EDT)
From: shivak <anarkky@cyberwar.com>
To: <questions@freebsd.org>
Subject: backend authentication scheme
Message-ID: <Pine.BSF.4.31.0104201911510.51735-100000@outland.cyberwar.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

hey all, please cc me as I am not subscribed.

I've been playing around with kerberos for a while, and for my purposes I
believe it is overkill. I'm looking for an authentication backend which
will provide centralized and a hopefully secure database of users. Of
course, it would require server support, but I do not want to make changes
to the client programs. Ideally it would also provide an ACL-like system
(i.e. this user can log onto the mail server and the file server, but not
the print server). I was looking at OpenLDAP but discovered various
security flaws (ldap is the wrong software for this). Is a regular db like
postgres, mysql, or even berkeley any good for my situation?

thanks
--
shiva


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message