[2329] in Kerberos-V5-bugs
krb5-admin/89: dump/load inter-version inconsistencies
daemon@ATHENA.MIT.EDU (bjaspan@MIT.EDU)
Wed Oct 9 18:16:42 1996
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: bjaspan@MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, bjaspan@MIT.EDU
Date: Wed, 9 Oct 1996 18:14:40 -0400
From: bjaspan@MIT.EDU
Reply-To: bjaspan@MIT.EDU
To: krb5-bugs@MIT.EDU
>Number: 89
>Category: krb5-admin
>Synopsis: dump/load inter-version inconsistencies
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bjaspan
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Wed Oct e 18:15:01 EDT 1996
>Last-Modified:
>Originator: Barry Jaspan
>Organization:
mit
>Release: 1.0-development
>Environment:
System: SunOS DUN-DUN-NOODLES 5.4 Generic_101945-37 sun4m sparc
>Description:
The beta 6 database format contains tagged data, so the beta 6 dump
format also contains them. Therefore, kdb5_util dump -b6 dumps all
the tagged data, including the record that contains a principal's
policy and password history information. If someone dumps a b6
database, then loads it back in with kdb5_util load, the policy
records will be lost (because b6 didn't contain them), but the
principal's pointers to the policies will be preserved.
The solution is probably for kdb5_util dump -b6 not to dump the KADM5
tagged data, since it knows for a fact tath the b6 database won't do
anything with it.
>How-To-Repeat:
>Fix:
>Audit-Trail:
>Unformatted:
