How to update or should we update Kerberos
Cy Schubert
Cy.Schubert at cschubert.com
Tue May 29 13:04:34 UTC 2018
In message <YTOPR0101MB095376A67E0BBB4A2961F4BBDD6D0 at YTOPR0101MB0953.CAN
PRD01.P
ROD.OUTLOOK.COM>, Rick Macklem writes:
> Sean Bruno wrote:
> [stuff snipped]
> >Heh, yeah, I asked this question *wrong*. I know how we use it in the
> >cluster. :-)
> >
> >I mean to ask, "why aren't we using ports for kerberos?" What purpose
> >does it serve in the base system?
> Although I have no idea how many use it, both the NFS client and server can d
> o
> Kerberized mounts. I haven't tried, but it probably needs some bits to build
> it
> and if you move it to ports, there would be duplicates (and the opportunity t
> o
> have one change without the other introducing a hard to find bug).
>
> Also, I'd argue that security technology like this is pretty "core".
>
> I am mainly referring to the libraries and client side stuff and not the KDC.
IMO the base should only contain the libraries and client side.
--
Cheers,
Cy Schubert <Cy.Schubert at cschubert.com>
FreeBSD UNIX: <cy at FreeBSD.org> Web: http://www.FreeBSD.org
The need of the many outweighs the greed of the few.
More information about the freebsd-arch
mailing list