[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: hurd does NOT need /hurd



Tollef Fog Heen <tollef@add.no> writes:

> I am not 100% sure what you mean by password server

The hurd passwd server lets you get an authentication token in
exchange for a password. Somewhat like PAM, they both handle simple
cleartext passwords, but one important difference is that PAM can't
give you any tokens you don't already have. To be able to do work as a
different user it's not enough to use PAM, you also have to either be
root, or use some setuid root program like su. On the hurd, it's
enough to (i) know the password, and (ii) talk to the passwd server.

And it's not much like kerberos either, even if one could conceive
alternative passwd servers that hand out auth tokens in response to
other types of information than simple passwords.

/Niels


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org



Reply to: