On Tue, Sep 03, 2013 at 11:31:09AM +0200, Dag-Erling Sm??rgrav wrote: > Slawa Olhovchenkov <[email protected]> writes: > > Dag-Erling Sm??rgrav <[email protected]> writes: > > > The proper solution would be an identification and authentication daemon > > > with a well-designed RPC interface and mechanisms for transferring > > > environment variables, descriptors and credentials from the daemon to > > > the application (in this case, sshd). > > I think this is impossible, because credentials for pam_krb5 is simple > > pointer to internal blob's with unknown size, structure and links with > > other elements. > > When I spoke of passing credentials, I meant process credentials, not > the cached Kerberos credentials - which the application does not need > anyway. See SCM_CREDS in recv(2) for further information.
And how in this case can be resolved situation with PAM credentials (Kerberos credentials in may case)? _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
