From mboxrd@z Thu Jan 1 00:00:00 1970
From: Lucio De Re
To: 9fans@cse.psu.edu
Subject: Re: [9fans] secstore
Message-ID: <20020515141630.O1584@cackle.proxima.alt.za>
References: <80dc9d46780953d37104e05c11fbed0f@9fs.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <80dc9d46780953d37104e05c11fbed0f@9fs.org>; from nigel@9fs.org on Wed, May 15, 2002 at 12:58:16PM +0100
Date: Wed, 15 May 2002 14:16:31 +0200
Topicbox-Message-UUID: 9295cf94-eaca-11e9-9e20-41e7f4b1d025

On Wed, May 15, 2002 at 12:58:16PM +0100, nigel@9fs.org wrote:
>
> So a suitable solution for a combined cpu/auth server would be to use
> kfs and bind it over /adm/secstore for the secstored process only?
>
I doubt it. It smacks of "security by obscurity" as other users on
the CPU server would be able to mount it too.

I think that, like Kerberos, the auth server ought to be a physically
secured unit. Of course, you may not need such paranoia, but in a
technical sense at least, that would be mandatory.

++L