(Illustration by Gaich Muramatsu)
Jan Harkes <jaharkes_at_cs.cmu.edu> writes: >However, it is interesting that the auth2.pw file wouldn't have to >contain xor-ed cleartext passwords anymore. We currently need them >because of the shared secret authentication/key exchange. Interesting... You know, if there's a cronjob which refreshes root's security token once a day, wouldn't it make sense to have it also refresh every other user's token? After all, any process with a given user ID should have access to that user's files, and no such process would exist unless it had already been authenticated with the normal Unix security system. Maybe the real problem is that two completely different authentication schemes are trying to exist side by side. Would switching to Kerberos fix this problem, or only make it worse? Pete GonzalezReceived on 1999-07-19 10:19:10