From mboxrd@z Thu Jan 1 00:00:00 1970 From: andrey mirtchovski To: 9fans@cse.psu.edu Subject: Re: [9fans] cron authentication In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Date: Mon, 28 Jul 2003 15:44:35 -0600 Topicbox-Message-UUID: 07a9760e-eacc-11e9-9e20-41e7f4b1d025 I believe I figured it out after a bit of experimenting with it. What threw me off originally was the fact that I could run auth/cron on non-auth cpu servers without any problem, however I realized that the factotum for the host owner knew how to authenticate to the auth server, and had the proper capabilities to become me... at least it stopped working when I deleted the keys from the cpu server's factotum :) by the way, do you think that it's a bad idea to give secstore access to a cpu server's hostowner? andrey