From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: <546981BE.90704@gr13.net> References: <546981BE.90704@gr13.net> Date: Tue, 18 Nov 2014 00:22:26 -0800 Message-ID: From: Skip Tavakkolian To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: multipart/alternative; boundary=001a113336b899d67805081dcb54 Subject: Re: [9fans] Factotum vs SASL Topicbox-Message-UUID: 2ad30796-ead9-11e9-9d60-3106f5b1d025 --001a113336b899d67805081dcb54 Content-Type: text/plain; charset=UTF-8 to do a comparative analysis of the functions it makes sense to know one side very well. i found it easier to understand factotum and compare the others to factotum. to me SASL is more like the functions of factotum's rpc and proto files. Window's Local Security Authority (LSA) combined with Security Support Provider Interface (SSPI) and the corresponding protocol DDL's, is more comparable to factotum's credentials caching, rpc/proto/needkey, etc fs interface and how it negotiates change of identity of a verified process using cap(3). on Linux, for a server, SASL+setuid program+PAM is sort-of like factotum and SASL+app is sort of like factotum for a client. On Sun, Nov 16, 2014 at 9:03 PM, Enrico Weigelt, metux IT consult < enrico.weigelt@gr13.net> wrote: > Hi folks, > > I've got the impression that there're some similarities between SASL > (saslauthd) and Factotum - at least at the point that both are > offloading actual authentication handshakes to a separate service. > But I have to admit that I didn't have done a deeper analysis of > these two. > > Could anybody with deeper insight perhaps give some detailed > comparison between them ? > > > greetings, > -- > Enrico Weigelt, > metux IT consulting > +49-151-27565287 > > --001a113336b899d67805081dcb54 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
to do a comparative analysis of the functions it makes sen= se to know one side very well. i found it easier to understand factotum and= compare the others to factotum. to me SASL is more like the functions of f= actotum's rpc and proto files.=C2=A0 Window's Local Security Author= ity (LSA) combined with Security Support Provider Interface (SSPI) and the = corresponding protocol DDL's, is more comparable to factotum's cred= entials caching, rpc/proto/needkey, etc fs interface and how it negotiates = change of identity of a verified process using cap(3). =C2=A0on Linux, for = a server, SASL+setuid program+PAM is sort-of like factotum and SASL+app is = sort of like factotum for a client.


On Sun, Nov 16, 2014 at 9:03 PM, Enr= ico Weigelt, metux IT consult <enrico.weigelt@gr13.net> wrote:
Hi folks,

I've got the impression that there're some similarities between SAS= L
(saslauthd) and Factotum - at least at the point that both are
offloading actual authentication handshakes to a separate service.
But I have to admit that I didn't have done a deeper analysis of
these two.

Could anybody with deeper insight perhaps give some detailed
comparison between them ?


greetings,
--
Enrico Weigelt,
metux IT consulting
+49-151-2756528= 7


--001a113336b899d67805081dcb54--