Re: [PATCHES] Solaris ident authentication using unix domain sockets
From | Florian G. Pflug |
---|---|
Subject | Re: [PATCHES] Solaris ident authentication using unix domain sockets |
Date | |
Msg-id | 4873BC28.3070507@phlo.org |
In response to | Re: [PATCHES] Solaris ident authentication using unix domain sockets (Josh Berkus <josh@agliodbs.com>) |
Responses | Re: [PATCHES] Solaris ident authentication using unix domain sockets |
List | pgsql-hackers |

Josh Berkus wrote:
> Tom,
>
>> Indeed. If the Solaris folk feel that getupeercred() is insecure,
>> they had better explain why their kernel is that broken. This is
>> entirely unrelated to the known shortcomings of the "ident" IP
>> protocol.
>
> The Solaris security & kernel folks do, actually. However, there's
> no question that TRUST is inherently insecure, and that's what people
> are going to use if they can't get IDENT to work.

I'd be *very* interested in how they come to that assessment. I'd have thought that the only alternative to getpeereid/getupeercred is password-based or certificate-based authentication - which seem *less* secure because a) they also rely on the client having the correct uid or gid (to read the password/private key), plus b) the risk of the password/private key getting into the wrong hands.

How is that sort of authentication handled by services shipping with Solaris?

regards, Florian Pflug, hoping to be enlightened beyond his limited posix-ish view of the world...