[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Kerberos and Hesiod?



>       I suppose I shouldn't be surprised.  After all, Hesiod *is* built on
>  top of DNS.  I knew there had to be a way to safeguard root, but it didn't
>  immediately occur to me that keeping users from impersonating each other
>  would be much harder.  (Hrrrm, anybody ever tried to Kerberize Hesiod?)

Yes. Not easy, not much point. Wait for DNSSEC to be in a reasonable state if
you wish for something better is probably the best option...

>       Okay, Hesiod is right out, then.  I suppose, if nothing else, there
>  is always NIS.  Or maybe I should just write a secure system to do this
>  kind of stuff myself.  8)  Actually, would it be that hard, if you had
>  something like Kerberos around to help?      

Gag. If anything I'd take the GSS sunrpc foo and "gss-ize" nis+, but there's
not a free nis+ server just yet

-D



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []