[OpenAFS] with or without krb5 and openldap?

[Balazs GAL]

Derek Atkins írta:

> Hesiod is not any less secure than LDAP.  At least with Hesiod if you
> deploy DNSSec you get complete security.  OTOH, you do not require a
> significant amount of security on hesiod info -- who cares about your
> GECOS field?  The real authentication security is from Kerberos.

Don't forget that the unix like systems authorization is based on nss
passwd and group fields. If you can spoof that, then you can gain any
rights on the clients.

balsa