[7097] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Problems running gss-server example as non-root

daemon@ATHENA.MIT.EDU (Sam Hartman)
Tue Apr 16 03:11:37 1996

To: Barry Jaspan <bjaspan@MIT.EDU>
Cc: edhill@strobe.weeg.uiowa.edu, kerberos@MIT.EDU
From: Sam Hartman <hartmans@MIT.EDU>
Date: 16 Apr 1996 00:58:09 -0400
In-Reply-To: Barry Jaspan's message of Mon, 15 Apr 96 16:57:20 EDT

>>>>> "Barry" == Barry Jaspan <bjaspan@MIT.EDU> writes:

    Barry>    The solution at that point was to invent an idea called
    Barry> a secure context, used by programs like ksu and (when it
    Barry> gets krb5 support), login.

    Barry> What defines a secure context?

	If an application calls a special version of
krb5_init_context, it gets a secure context.  A secure context is a
context where all the default values are based on compile-time
information or files like /etc/krb5.conf with compiled-in defaults.

    Barry>    I just looked at the code, and KRB5_KTNAME is only
    Barry> considered if the context is insecure.


    Barry> Did you get that backwards?

	No.

    Barry> Barry


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[7097] in Kerberos

Re: Problems running gss-server example as non-root

daemon@ATHENA.MIT.EDU (Sam Hartman)Tue Apr 16 03:11:37 1996

daemon@ATHENA.MIT.EDU (Sam Hartman)
Tue Apr 16 03:11:37 1996