Date: Fri, 17 Apr 1998 22:53:41 -0700 From: Mike Smith <mike@smith.net.au> To: Robert Watson <robert+freebsd@cyrus.watson.org> Cc: Mike Smith <mike@smith.net.au>, Archie Cobbs <archie@whistle.com>, hackers@FreeBSD.ORG Subject: Re: Discussion : Using DHCP to obtain configuration. Message-ID: <199804180553.WAA00781@antipodes.cdrom.com> In-Reply-To: Your message of "Fri, 17 Apr 1998 17:51:51 EDT." <Pine.BSF.3.96.980417174734.11132F-100000@trojanhorse.pr.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Thu, 16 Apr 1998, Mike Smith wrote: > > Actually, what I want is a stub version of the LDAP client library that > > can be linked into a few of the items that run early on (init, mount, > > fsck, dhclient, etc), before the network is up. Once the net is up, > > everything parametric ought to be indirected through a generic "get me > > a parameter" API. > > See, so the reason I find this concerning is that it stores the > configuration information (presumably) in a single repository, and the > kernel enforcement of the security on this repository can't be made finer > grained. The kernel has little or nothing of a say in the matter. If you stop a moment and realise that the information in question may not even be local to the system in question, you'll realise that access controls have to be a part of the parameter store itself. Fortunately for your peace of mind, LDAP supports ACL controls. > If the two approaches can be made compatible, I am all for a more sane > configuration system :). If not, then I see problems. If we can't come up with an acceptable compromise, then naturally it's not going to be accepted. One thing at a time - make it happen at all first. 8) -- \\ Sometimes you're ahead, \\ Mike Smith \\ sometimes you're behind. \\ mike@smith.net.au \\ The race is long, and in the \\ msmith@freebsd.org \\ end it's only with yourself. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199804180553.WAA00781>