On Tue, Aug 15, 2000 at 03:54:57PM -0400, Jeffrey Altman wrote: > > What I'm learning from this thread is that the telnetd/login division > > of labor may have made sense in 1981, but it doesn't make sense any > > more today. With modern security infrastructures, the process which > > implements the network protocol and the client which manages the > > host's user login process cannot be completely separate. Setting up a > > bidirectional communications channel between telnetd and login may be > > sufficient, but I suspect combining them would be easier. > > > > Marc > > > > Marc, you have hit the nail on the head. What we really need on > Unix is to replace the file based credentials cache with something > else that can be contacted securely by the network process, the login > process, and the user. Something like Windows 2000's LSA service and SSPI? > Jeffrey Altman * Sr.Software Designer > The Kermit Project * Columbia University > 612 West 115th St * New York, NY * 10025 * USA > http://www.kermit-project.org/ * kermit-support@kermit-project.org Nico --
