CVS/SSH level of security using perforce ?

NickTriantosnick at nvidia.com NickTriantosnick at nvidia.com
Thu Jun 4 09:29:42 PDT 1998 

I'd like to add in my $0.02 that for Windows GUI users, if password support
of some sort is added (I too hope it is), it'd be nice to have the GUI
remember the password and just re-send it whenever necessary.  That way,
GUI users could launch the GUI and just use it, without having to
re-authenticate each time they perform an action of some sort.

Thanks,
- -Nick


At 12:17 PM 6/4/98 -0400, you wrote:
>At 11:41 AM -0400 6/4/98, James FitzGibbon wrote:
>>Doesn't this strike you as a hell of a lot of work for something that is
>>provided in other SCM systems already ?  It appears that I've opened up a
>>larger can of worms than I realized with this one.
>>
>>Even if it didn't have encryption, just making the p4 command prompt for a
>>password and check it against a hashed version in the protect table seems
>>to be a trivial excercise.
>
>I suggested the same thing when we first started using Perforce.  Much as I
>think Perforce a great tool, its authentication model is weak at best.
>Coupled with mediocre logging that's a real risk.
>
>Since they (perforce) probably aren't even awake on the west coast yet :-),
>I'd like to add that they seem to understand that authentication is
>important.
>
>Last I heard they were looking at putting PAM (Pluggable Authentication
>Modules) support in the server so you could pick and choose which
>authentication you wanted to use.  If they pull it off, that would be
>great.
>
>PAM references:
>	Description: <http://www.redhat.com/linux-info/pam/index.html>
>	OSF RFC86.0: <http://www.redhat.com/linux-info/pam/rfc86.0.txt>
>
>If PAM doesn't make it into the next release, *please* at least put a
>shared secret kind of authentication into p4/p4d (like RADIUS uses).  It
>should be required for *every* operation, not just "submit" as mentioned in
>another message.   You should send the authentication token for *every*
>connection.
>
>And syslog() support.  I want to log *every* connection.
>
>Rob
> 
- ----
Nick Triantos
Nvidia Corporation         phone: 408/617-4054
1226 Tiros Way             email: mailto:nick at nvidia.com
Sunnyvale, CA 94086          www: http://www.nvidia.com

PGP key at: http://www.flash.net/~triantos/pgpkey.html

More information about the perforce-user mailing list