Date: Tue, 17 Aug 1999 19:30:56 +0200 From: Mark Murray <mark@grondar.za> To: "Matthew N. Dodd" <winter@jurai.net> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: Kerberos 5 integration. Message-ID: <199908171730.TAA41154@gratis.grondar.za>
next in thread | raw e-mail | index | archive | help
> What do you think about moving all the current '#ifdef KERBEROS' to
> '#ifdef KERBEROS4' and starting to integrate the '#ifdef KERBEROS5' bits
> in ftp, telnet, rsh, rlogin etc? I don't see a reason to rip out the krb4
> stuff and delay on the krb5 userland integration. Since the userland
> stuff doesn't involve actual crypto code I think we're pretty safe no?
I have a better idea; PAM-ify everything (that can be pammed). The rest
of the stuff, I intend to do as you say.
> I'd also be interested in hearing reasons for or against putting the krb4
> specific stuff (kinit, klist whatever) in /usr/krb4, and the krb5 bits in
> /usr/krb5. This would simplify the task of leaving krb4 in the tree.
Hmm. Methinks I might name the version-specific stuff k[45]${FOO}
for FOO in init, list, destroy, etc. Telnetd and FTPD should be
PAMmable, likewise the r.*d's. The userland ftp and telnets can
have both (Isuspect), and the r-utils also.
M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199908171730.TAA41154>