On Apr 28, 7:51pm, Paul Howell wrote:
>
> Since DFS will do it the way that AFS now does it, i.e.,
> a host showing up as authuer, it makes more sense
> to leave it the way it is.
The difference with DFS is that the host must be registered in the
security database and have its secret key stored on the local disk.
So its more secure then just using an IP address (although only secure
as the key stored on the disk). Not to mention the principal is stored as
hosts/slapshot/self so if a host's IP address changes it authentication
doesn't.
Also (some can correct me if I'm wrong) a user accessing files under DFS
doesn't inherit the machine's principal, do they? If they don't then
DFS is nothing like AFS's IP scheme no matter how you look at it.
>
> I don't see the issue of having hosts show up in system:authuser
> as a big security problem.
It still sounds like a big security hole to me. If you are using IP addresses
to handout licensed software it seems like you would want to base authentication
on more then just an IP address. If you really want access by IP address
then you should explicitly have to say so.
Although I can see the usefulness for IP addresses in ACLs it seems like
a big step backwards in terms of security, especially if they get
system:authuser by default.
Roland
--
Roland J. Schemers III | Networking Systems |
Systems Programmer | G16 Redwood Hall (415) 723-6740| # ping Elvis
Distributed Computing Group | Stanford, CA 94305-4122 | Elvis is alive
Stanford University | [EMAIL PROTECTED] |
