Re: hurd does NOT need /hurd

To: Andrew Suffield <asuffield@debian.org>
Cc: debian-devel@lists.debian.org, debian-hurd@lists.debian.org
Subject: Re: hurd does NOT need /hurd
From: nisse@lysator.liu.se (Niels Möller)
Date: 23 May 2002 13:10:13 +0200
Message-id: <[🔎] nn661ff7ca.fsf@fafner.lysator.liu.se>
In-reply-to: <[🔎] 20020523113434.A4296@doc.ic.ac.uk>
References: <[🔎] 20020520180124.GB11058@ucsd.edu> <[🔎] 87u1p21vkq.fsf@becket.becket.net> <[🔎] 20020520201200.GC1380@azure.humbug.org.au> <[🔎] 20020520171355.D5840@justice.loyola.edu> <[🔎] 20020520232255.GB6156@azure.humbug.org.au> <[🔎] 20020520194949.F5840@justice.loyola.edu> <[🔎] 20020521012358.GE6156@azure.humbug.org.au> <[🔎] 20020521054225.GA1011@celeron.dekkers> <[🔎] 87ptzolj3x.fsf@arabella.intern.opera.no> <[🔎] nng00jfdx5.fsf@fafner.lysator.liu.se> <[🔎] 20020523113434.A4296@doc.ic.ac.uk>

Andrew Suffield <asuffield@debian.org> writes:

> That sure sounds like kerberos to me. Or at least one of the many
> things kerberos can do.

Perhaps. There are some similarities in structure. I'm not terribly
familiar with typical kerberos usage, but I thought one of the points
were that you can get some of your processes running on a machine,
without your clear text password ever entering that machine.

If one runs one's kerberos client, the login session, and the
kerberos ticket-granting server all on the same machine, then it
resembles the Hurd's passwd server, but I don't think that's a common
setup. 

To use the Hurd and kerberos, you'd want a server that hands out an
authentication token in response to a kerberos ticket, but noone have
written anything like that yet, I think.

One other important component in the Hurd is the auth server, which is
used for things like validation of auth tokens that client processes
claim to have. This is the most central component for Hurd access
control, I think. The passwd server is a more peripheral component
which is used only by programs such as login, su, and addauth.

/Niels

-- 
To UNSUBSCRIBE, email to debian-hurd-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: hurd does NOT need /hurd
  - From: "John H. Robinson, IV" <jhriv@ucsd.edu>
- Re: hurd does NOT need /hurd
  - From: tb@becket.net (Thomas Bushnell, BSG)
- Re: hurd does NOT need /hurd
  - From: Anthony Towns <aj@azure.humbug.org.au>
- Re: hurd does NOT need /hurd
  - From: Michael Stone <mstone@debian.org>
- Re: hurd does NOT need /hurd
  - From: Anthony Towns <aj@azure.humbug.org.au>
- Re: hurd does NOT need /hurd
  - From: Michael Stone <mstone@debian.org>
- Re: hurd does NOT need /hurd
  - From: Anthony Towns <aj@azure.humbug.org.au>
- Re: hurd does NOT need /hurd
  - From: Jeroen Dekkers <jeroen@dekkers.cx>
- Re: hurd does NOT need /hurd
  - From: Tollef Fog Heen <tollef@add.no>
- Re: hurd does NOT need /hurd
  - From: nisse@lysator.liu.se (Niels Möller)
- Re: hurd does NOT need /hurd
  - From: Andrew Suffield <asuffield@debian.org>

Prev by Date: Re: hurd does NOT need /hurd
Next by Date: oskit-mach troubles
Previous by thread: Re: hurd does NOT need /hurd
Next by thread: Re: hurd does NOT need /hurd
Index(es):
- Date
- Thread