Hi,
I have posted the diff for allowing pkgsend to ask for user
credentials and using basic auth at
http://defect.opensolaris.org/bz/show_bug.cgi?id=689
I would like to get some comments on this bug, especially accepting
the credentials from the user.
Other than the approach taken the other alternatives are:
1) cvs/svn like .pkg directory/file where the auth info is stored
2) allow user to specify a username and a password file as parameters
3) allow user to specify a username and a password file as environment
values.
4) allow only signed packages? (would require changes at pkg.depot too,)
The current implementation was tested on a Sun Java System Webproxy
configured as a secure reverse proxy with acls to protect /open.* alone.
Rahul
--
1. e4 _
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
