Does PAC Validation Require External Communication?

Love Hörnquist Åstrand lha at kth.se
Tue May 15 05:00:42 GMT 2007


> Just in case Love suddenly get's inspired by all of this - rather than
> requiring a specific process model, I would like to see just a socket
> descriptor and a function to process the server side so that I can use
> it with existing muxer code. I don't want to crap up my process table
> with daemons. Also, the IPC should be well defined and simple so that
> I can go that low if I want.

Splitting out the work of krb5_rd_req have been on the TODO list for  
some time now.

Forking and execing a suid binary is one one, talking to an existing  
processes another over IPC. Using IPC is probably prefered since fork 
()ing inside a lib is icky to say the least (stray SIGHLD,  
interesting fd's all over the place, etc).

it I was to write it it would write both ends and make a libkrbrdrep  
that a service lib winbind or kcm could link with to provide the  
funktionallity with an simple entry point (or two).

Love




More information about the samba-technical mailing list