Date: Wed, 3 Jun 1998 08:59:53 -0400 (EDT) From: Adam Shostack <adam@homeport.org> To: cschuber@uumail.gov.bc.ca Cc: robert+freebsd@cyrus.watson.org, phk@critter.freebsd.dk, eivind@yes.no, sysadmin@mfn.org, freebsd-security@FreeBSD.ORG Subject: Re: MD5 v. DES? Message-ID: <199806031259.IAA06307@homeport.org> In-Reply-To: <199806030808.BAA11430@cwsys.cwsent.com> from Cy Schubert - ITSD Open Systems Group at "Jun 3, 98 01:08:29 am"
next in thread | previous in thread | raw e-mail | index | archive | help
TIS wrote one of these that isn't bad as long as you don't let the protocol cross the network. It was part of the firewall toolkit. Since a number of vendors support that, it would be nice to be compatible with it. With a little effort, the protocol could be revised to tie the 'ok' messages to the rest of the system, and it could be made network safe. Adam Cy Schubert - ITSD Open Systems Group wrote: | > environment, it might be desirable to have an "authentication daemon" that | > listens on a unix domain socket (or such). Daemons like CMU's imapd | | This looks like a nice clean approach, however what if the daemon (or | something else for that matter) is broken? I suppose falling back to a | primitive level of authentification, e.g. only /etc/passwd, to ensure | that the system is not totally hosed. | | Any thoughts? | | | Regards, Phone: (250)387-8437 | Cy Schubert Fax: (250)387-5766 | Open Systems Group Internet: cschuber@uumail.gov.bc.ca | ITSD Cy.Schubert@gems8.gov.bc.ca | Government of BC | | | | | To Unsubscribe: send mail to majordomo@FreeBSD.org | with "unsubscribe security" in the body of the message | -- "It is seldom that liberty of any kind is lost all at once." -Hume To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199806031259.IAA06307>