On Wed, 12 Mar 2003, Charlie Brady wrote: >On Wed, 12 Mar 2003, Andreas Aardal Hanssen wrote: >> Hi, Charlie. >> By "invoked similarly" I mean that it is spawned through a tcp wrapper. It >> will support privilege seperation. But I am not convinced that the >> authenticator should spawn the daemon. >These last two statements appear to be contradictory. I think that the >authenticator must spawn the daemon to provide the privilege separation.
Not at all. checkpassword spawns something, but it doesn't have to be the daemon. I see the advantages of using checkpassword with pipelining commands such as the smtp-after-imap stuff and so on. But this works today by throwing in programs in checkpassword's pipeline. Andy - thinking... -- Andreas Aardal Hanssen | http://www.andreas.hanssen.name/gpg Author of Binc IMAP | Nil desperandum
