Date: Tue, 17 Nov 1998 17:54:29 -0800 (PST) From: "Joseph M. Scott" <jmscott@ainet.com> To: Robert Watson <robert+freebsd@cyrus.watson.org> Cc: Mikael Karpberg <karpen@ocean.campus.luth.se>, William McVey <wam@sa.fedex.com>, hackers@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: Would this make FreeBSD more secure? Message-ID: <Pine.GSU.4.05.9811171752310.29073-100000@www.ainet.com> In-Reply-To: <Pine.BSF.3.96.981117165526.26891A-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> > It might be nice to just have a file system socket any process can bind to > that mediates access to the authentication system. On the one side of the > socket is any client attempting to authenticate a user (possibly using PAM > as the API, and then some record based protocol over the socket), and on > the other side is Mr Auth Server that listens on the socket, accepts > connections, and is a place where throttling of attempts could be > performed. Similarly, it could take advantage of the SCM_AUTH (or > whatever) uid/gid passing to authenticate the processes on the other side. > > > Robert N Watson > Correct me if I'm wrong but this sounds similar to the way that radius works. The backend logging of radius would need to be changed, but I wouldn't think that to be too much of a problem. Joseph Scott jmscott@ainet.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSU.4.05.9811171752310.29073-100000>