Re: RPCSEC_GSS and NIS etc
From: Darren J Moffat (darrenm@eng.sun.com)Date: 08/28/01
- Previous message: Vladimir Ivanov: "RPCSEC_GSS and NIS etc"
- In reply to: Vladimir Ivanov: "RPCSEC_GSS and NIS etc"
- Next in thread: Vladimir Ivanov: "Secure name service for Solaris (was: RPCSEC_GSS and NIS etc)"
- Reply: Vladimir Ivanov: "Secure name service for Solaris (was: RPCSEC_GSS and NIS etc)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 28 Aug 2001 14:17:09 -0700 (PDT) From: Darren J Moffat <darrenm@eng.sun.com> To: Vladimir Ivanov <VIvanov@tee.toshiba.de> Subject: Re: RPCSEC_GSS and NIS etc Message-ID: <Pine.GSO.4.21.0108281413520.359996-100000@jurassic>
On Tue, 28 Aug 2001, Vladimir Ivanov wrote:
> What about other RPC-based services? NIS, NIS+, rpc.rstatd ?
> Or all applications need to be rewritten with new API?
NIS no - it doesn't even use AUTH_DH (aka AUTH_DES).
NIS+ kind of yes. It does use RPCSEC_GSS but only for dh640-0 and
dh1024-0. It can't be used to used Kerberos.
RPC applications do need to be written to the RPCSEC_GSS API they don't
automatically get it by being an RPC application. Note that there are
some RPC applications on Solaris that are only locally accessible anyway,
(eg keyserv) and thus don't really need RPCSEC_GSS.
-- Darren J Moffat
- Previous message: Vladimir Ivanov: "RPCSEC_GSS and NIS etc"
- In reply to: Vladimir Ivanov: "RPCSEC_GSS and NIS etc"
- Next in thread: Vladimir Ivanov: "Secure name service for Solaris (was: RPCSEC_GSS and NIS etc)"
- Reply: Vladimir Ivanov: "Secure name service for Solaris (was: RPCSEC_GSS and NIS etc)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
