[2385] in Kerberos-V5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

krb5-admin/140: filter tl_data types < 256

daemon@ATHENA.MIT.EDU (bjaspan@MIT.EDU)
Fri Nov 1 10:57:16 1996

Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: bjaspan@MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, bjaspan@MIT.EDU
Date: Fri, 1 Nov 1996 10:56:35 -0500
From: bjaspan@MIT.EDU
Reply-To: bjaspan@MIT.EDU
To: krb5-bugs@MIT.EDU

>Number:         140
>Category:       krb5-admin
>Synopsis:       filter tl_data types < 256
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bjaspan
>State:          open
>Class:          sw-bug
>Submitter-Id:   unknown
>Arrival-Date:   Fri Nov e 10:57:00 EST 1996
>Last-Modified:
>Originator:     Barry Jaspan
>Organization:
mit
>Release:        1.0-development
>Environment:

System: SunOS DUN-DUN-NOODLES 5.4 Generic_101945-37 sun4m sparc

>Description:

Marc has proposed semantics for the tl_data type namespace in which
all types < 256 are reserved for "internal use" by Kerberos and thus
cannot be defined by applications, I agree, and no one else has
complained.  Therefore, (a) document it, and (b) make get_principal
and modify_principal filter out those types so kadm5 clients never see
them and cannot set them.

>How-To-Repeat:

>Fix:

>Audit-Trail:
>Unformatted:


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[2385] in Kerberos-V5-bugs

krb5-admin/140: filter tl_data types < 256

daemon@ATHENA.MIT.EDU (bjaspan@MIT.EDU)Fri Nov 1 10:57:16 1996

daemon@ATHENA.MIT.EDU (bjaspan@MIT.EDU)
Fri Nov 1 10:57:16 1996