[2258] in Kerberos-V5-bugs
maxlife (was Re: Bug fix: kdc.conf not being read)
daemon@ATHENA.MIT.EDU (Jon Roma)
Mon Sep 23 14:11:49 1996
To: Barry Jaspan <bjaspan@MIT.EDU>
Cc: krb5-bugs@MIT.EDU, kerberos@MIT.EDU
Date: Mon, 23 Sep 1996 12:52:49 -0500
From: Jon Roma <roma@uiuc.edu>
> (In my experimentation with principals that I found had a maximum
> ticket life of 0, I was able to get kadmin to set the maximum ticket life
> to negative values and for kinit to generate tickets with these bad values.
> I'll document further in a separate note if this is not a known situation.)
>
>Let me guess... you decided to set a maximum ticket lifetime of N
>seconds (say, 36000, which could be 10 hours) and decided to enter the
>number explicitly as -maxlife 36000 instead of using a unit as in
>-maxlife "10 hours".
Actually, that and a bit more happened. While still investigating the
zero-life principal thing resulting from my kdc.conf not being read, I
tried specifying a variety of things on the modprinc subcommand in kadmin.
  -maxlife 10                      generated a negative maxlife result, where
                                   abs(lifetime) == time since 10 a.m. local time
  -maxlife 10h                     generated a positive maxlife result, where the
  -maxlife "10 h"                  lifetime seems to be the amount of time
                                   remaining to the top of the next hour!
  -maxlife 10hours                 correctly generated the intended maxlife value
  -maxlife "10 hours"
  -maxlife 10h30m                  syntax error
  -maxlife "10h 30m"               syntax error
  -maxlife "10 hours 30 minutes"   correctly generated the intended maxlife value
Thanks for your explanation of how this is supposed to work.
>This is obviously a design flaw, because a very natural sysadmin
>behavior (specifying the seconds explicitly) gives such unexpected and
>confusing results. I thought we had decided on a fix for this but it
>seems to have been missed; I'll make sure it gets addressed.
Agreed.
The documentation (V5 System Administrator's Guide for beta 7, section 3.2,
page 8) specifies a variety of valid date formats, though it doesn't imply
that the list is exhaustive. An example or two would probably serve to
clarify, though I do think the software should deny any argument resulting
in an illogical or invalid value. Thoughts for your consideration:
(1) Though the format "10h" -- quoted or unquoted -- isn't specifically
listed, I intuitively (but incorrectly) assumed that the same syntax
"10h 0m 0s" used in the sample krb5.conf file would be acceptable
to kadmin. Further, the format `kinit -l10h' is valid though
`kinit -l10h30m' is not. Should all these various formats be made
consistent?
(2) I would presume that some of the date formats should not be
considered valid in certain cases, depending on whether a duration
or time is expected.
(3) My thought is that generating a negative maxlife value could be
prohibited, as it's rather nonsensical (and kadmind doesn't display
it properly anyway)
    Maximum ticket life: 0 days -3:-23:-26
And further, should kinit be permitted to generate a ticket with
a negative lifetime when the maxlife value is set this way?
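The three problems raised in this message (a duration argument silently read as a clock time, a negative maxlife accepted and then displayed as "0 days -3:-23:-26", and a client building a ticket from such a value) come down to one design point: a lifetime parser should only ever produce a positive duration, and should reject anything else up front. The following is an added example written for this archive page; it is not kadmin, kinit or any other krb5 code, and the unit table, the policy ceiling MAX_LIFETIME, the DEMO_NOW clock value and the "clock_style" model are assumptions chosen to reproduce the behaviour the message reports, not a reading of getdate()'s source.

```python
"""Strict duration parsing versus clock-time parsing for a maxlife argument.

Added illustration, not krb5 code. Unit spellings, the policy ceiling and
the clock-time model are assumptions made for this example.
"""
import re
from datetime import datetime

# Assumed unit spellings (singular, plural and single-letter suffixes).
_UNIT_SECONDS = {
    "s": 1, "sec": 1, "second": 1, "seconds": 1,
    "m": 60, "min": 60, "minute": 60, "minutes": 60,
    "h": 3600, "hr": 3600, "hour": 3600, "hours": 3600,
    "d": 86400, "day": 86400, "days": 86400,
}
_TOKEN = re.compile(r"(\d+)\s*([A-Za-z]+)")
MAX_LIFETIME = 365 * 86400  # assumed policy ceiling, not a krb5 constant
# Constructed clock: 13:23:26 makes "10" reproduce the quoted display.
DEMO_NOW = datetime(1996, 9, 23, 13, 23, 26)


class DurationError(ValueError):
    """Anything that is not an unambiguous, positive, bounded duration."""


def parse_duration(text):
    """"10h", "10h30m", "10 hours 30 minutes", "36000" -> seconds.

    Never reads the argument as a time of day, so the result cannot depend
    on the current clock or come out negative. A bare integer is seconds
    (the reading Barry guessed a sysadmin would intend); anything else must
    be number+unit tokens with nothing left over.
    """
    s = text.strip()
    if not s:
        raise DurationError("empty duration")
    if s.isdigit():
        total = int(s)
    else:
        total, pos, seen = 0, 0, set()
        for m in _TOKEN.finditer(s):
            if s[pos:m.start()].strip():
                raise DurationError("syntax error near %r" % s[pos:m.start()])
            unit = m.group(2).lower()
            if unit not in _UNIT_SECONDS:
                raise DurationError("unknown unit %r" % unit)
            if _UNIT_SECONDS[unit] in seen:  # "10h 2h" is a typo, not 12h
                raise DurationError("unit repeated: %r" % unit)
            seen.add(_UNIT_SECONDS[unit])
            total += int(m.group(1)) * _UNIT_SECONDS[unit]
            pos = m.end()
        if s[pos:].strip():  # e.g. "10h30": trailing number without a unit
            raise DurationError("syntax error near %r" % s[pos:])
    if total <= 0:
        raise DurationError("lifetime must be positive")
    if total > MAX_LIFETIME:
        raise DurationError("lifetime exceeds policy maximum")
    return total


def clock_style_maxlife(text, now):
    """Simplified model of the reported behaviour for a bare number: "10" is
    read as 10 o'clock today and the lifetime becomes that instant minus
    `now`, negative once the hour has passed. The real parser accepts many
    more forms; the message's "10h" result is not modelled here."""
    s = text.strip()
    if s.isdigit() and 0 <= int(s) <= 23:
        when = now.replace(hour=int(s), minute=0, second=0, microsecond=0)
        return int((when - now).total_seconds())
    return parse_duration(s)


def format_lifetime_naive(seconds):
    """Per-field truncating division, as in the quoted "0 days -3:-23:-26":
    every component carries its own sign, so a negative value is unreadable."""
    days = int(seconds / 86400); rem = seconds - days * 86400
    hours = int(rem / 3600); rem -= hours * 3600
    minutes = int(rem / 60); secs = rem - minutes * 60
    return "%d days %d:%02d:%02d" % (days, hours, minutes, secs)


def format_lifetime(seconds):
    """One leading sign for the whole value; fields are never negative."""
    sign = "-" if seconds < 0 else ""
    days, rem = divmod(abs(seconds), 86400)
    hours, rem = divmod(rem, 3600)
    minutes, secs = divmod(rem, 60)
    return "%s%d days %d:%02d:%02d" % (sign, days, hours, minutes, secs)


def effective_lifetime(requested, principal_maxlife):
    """Client-side guard for the last question in the message: refuse a
    non-positive stored maxlife instead of clamping a ticket to it.
    (Assumed policy, not what kinit did in beta 7.)"""
    if principal_maxlife <= 0:
        raise DurationError("principal maxlife is not positive; refusing")
    return min(requested, principal_maxlife)


def classify(arg):
    """parse_duration() outcome in the form the message's table reports."""
    try:
        return "ok %d s" % parse_duration(arg)
    except DurationError as e:
        return "rejected: %s" % e


if __name__ == "__main__":
    bad = clock_style_maxlife("10", DEMO_NOW)
    print("clock-style '10' ->", bad, "|", format_lifetime_naive(bad),
          "|", format_lifetime(bad))
    for arg in ["10", "10h", "10 h", "10hours", "10 hours", "10h30m",
                "10h 30m", "10 hours 30 minutes", "36000", "10h30", "0"]:
        print("strict %-22r -> %s" % (arg, classify(arg)))
```

Run stand-alone, the script first shows the clock-time reading of "10" at 13:23:26 producing -12206 seconds and the same "0 days -3:-23:-26" display the message quotes, then runs every argument form from the table through the strict parser, where all of the "10h", "10h30m" and "10 hours 30 minutes" spellings are accepted consistently and only genuinely malformed or non-positive input is rejected.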