[Monotone-devel] Re: host vs user authentication, was Re: newbie question - SHA1 vs serials

[Emile Snyder]

On Wed, 2005-04-20 at 08:24, K. Richard Pixley wrote:
> >
> Pretty much any authentication possible under linux is available through 
> apache.  This includes authentication by user, by host, all of the PAM 

I'm curious about the host trust mode.  What prevents a user on that
host from taking whatever secret the host is using to authenticate
itself and moving it to a new machine?

thanks,
-emile

> modules, and a number of others.  More, it's available on a per-file 
> and/or per directory or subtree basis which essentially gives you the 
> ability to allow read/write access specifically to bob alone on machine 
> x to file1 but only when he's connecting over an encrypted connection 
> with valid certs on both sides resolving to our own internal circle of 
> trust and authenticated against the company's ldap server, but only when 
> he's using his unix style password, not his samba/smb password and only 
> between the hours of 9am - 5pm.
> 
> That's a lot of flexibility.
> 
> --rich
> 
> 
> _______________________________________________
> Monotone-devel mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/monotone-devel

+----------------------------------------------------------------------
E Pluribus UNIX 
+----------------------------------------------------------------------

signature.asc
Description: This is a digitally signed message part