|
| From: | John |
| Subject: | Re: [Auth]mds and Barry: MACS authorization |
| Date: | Wed, 28 Aug 2002 19:19:18 -0400 |
| User-agent: | Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20020815 |
Mario D. Santana wrote:
Well, that's going to make the manpower estimate I'm preparing a bit more difficult as i need to judge the difficulty of converting one module from PERL to C++. Contrary to your opinion I don't believe a rewrite to the extent set down in the core teams suggestion will be only 1 man year, but then I'm not looking at the correct codebase.John wrote:In reviewing the MACS source code (0.5 CVS; is there a later version available???), and specifically the single login mechanism; I was confronted by two thoughts -The latest "stable" release is 0.5a, on June 5. There has not been arelease since, because the next release will be almost completely refactored.
Despite the fact that it documents otherwise? Well, add another task to the tasklist: reflect actual program into documentation. Still, I'm glad it does. Storing system passnames with other skeyed data is FrePort's design.1) Why are the system names, user names, and passwords for other systems stored in the authentication module? Would they not be better stored in the Profile module? [...]This was a matter of historical convenience in the 0.5a release. The latest CVS (which is pretty much unusable atm) does exactly as you suggest.
Please do; I'd like to see how well they mirror the same notes I had, but AFAIK were never implemented in FrePort. Seems like if I ask questions for long enough MACS and FrePort will end up being the same animal.2) Should the authentication service use PAM on either the front-end (for the MACS login) or on the back-end? To avail ourselves of the many PAM modules already written?Yes and yes. There is a pam front-end in 0.5a (which I was using for my machine's login service!) We have been thinking of ways to do the pam backend but relegated it to the back burner for now. If anyone's interested, I can explain the ideas we've had for this -- they're fairly interesting.
John Le'Brecage
| [Prev in Thread] | Current Thread | [Next in Thread] |