On Wed, Oct 03, 2001 at 06:43:08PM +0000, Garrett Wollman wrote: > In article <[EMAIL PROTECTED]>, > Nicolas Williams <[EMAIL PROTECTED]> wrote: > >Windows 2000: stored by the LSA (I think) > >Solaris: stored in "ccache" > >MIT: stored in "ccache" > >Heimdal: stored in "ccache" > >CyberSafe: ? > > > >A "ccache" is a per-TGT file. > > Not specifically. A ``ccache'' is an instance of the generic > credential-cache API. There is nothing preventing one from using (for > example) a UNIX shared-memory segment to store the credentials, rather > than a plain file.[1]
Yes, I know. I forgot to mention that. MIT supports shared memory ccaches for MacOS and Windows, I think, and anonymous non-shared memory for Unix. We use the memory type in our PAM_KRB5 for cred storage between the call to pam_authenticate() and pam_setcred(). > -GAWollman > > [1] Actually, there is: traditional SVID-style shared memory segments > are persistent, and thus would eventually be completely consumed > unless every user was absolutely scrupulous in running `kdestroy'. > > -- > Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same > [EMAIL PROTECTED] | O Siem / The fires of freedom > Opinions not those of| Dance in the burning flame > MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick Nico -- -DISCLAIMER: an automatically appended disclaimer may follow. By posting- -to a public e-mail mailing list I hereby grant permission to distribute- -and copy this message.- Visit our website at http://www.ubswarburg.com This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. This message is provided for informational purposes and should not be construed as a solicitation or offer to buy or sell any securities or related financial instruments.
