On Tue, Sep 03, 2013 at 11:31:09AM +0200, Dag-Erling Sm??rgrav wrote: > Slawa Olhovchenkov <s...@zxy.spb.ru> writes: > > Dag-Erling Sm??rgrav <d...@des.no> writes: > > > The proper solution would be an identification and authentication daemon > > > with a well-designed RPC interface and mechanisms for transferring > > > environment variables, descriptors and credentials from the daemon to > > > the application (in this case, sshd). > > I think this is impossible, because credentials for pam_krb5 is simple > > pointer to internal blob's with unknown size, structure and links with > > other elements. > > When I spoke of passing credentials, I meant process credentials, not > the cached Kerberos credentials - which the application does not need > anyway. See SCM_CREDS in recv(2) for further information.
And how in this case can be resolved situation with PAM credentials (Kerberos credentials in may case)? _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
