[3331] in Kerberos-V5-bugs
krb5-kdc/1081: Need a way to allow user-to-user but not other TGS-REQs
daemon@ATHENA.MIT.EDU (Matt Crawford)
Thu Mar 28 10:30:07 2002
Resent-From: gnats@rt-11.mit.edu (GNATS Management)
Resent-To: krb5-unassigned@rt-11.mit.edu
Resent-Reply-To: krb5-bugs@mit.edu, crawdad@gungnir.fnal.gov
Message-Id: <200203281525.g2SFPWM25016@gungnir.fnal.gov>
From: Matt Crawford <crawdad@gungnir.fnal.gov>
Reply-To: crawdad@gungnir.fnal.gov
To: krb5-bugs@mit.edu
Cc: crawdad@gungnir.fnal.gov
Errors-To: krb5-bugs-admin@mit.edu
Date: Thu, 28 Mar 2002 09:25:32 -0600 (CST)
>Number: 1081
>Category: krb5-kdc
>Synopsis: enhancement request: allow user2user only
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: change-request
>Submitter-Id: unknown
>Arrival-Date: Thu Mar 28 10:26:00 EST 2002
>Last-Modified:
>Originator: Matt Crawford
>Organization:
Fermilab
>Release: krb5-1.2.3
>Environment:
Sun Netra-1 Solaris 2.8
System: SunOS gungnir.fnal.gov 5.8 Generic_108528-08 sun4u sparc SUNW,Ultra-1
Architecture: sun4
>Description:
KRB5_KDB_DISALLOW_SVR disallows all TGS requests for a given
service principal. There needs to be away to disallow all but
USER2USER.
>How-To-Repeat:
Test with sample uuclient/uuserver
>Fix:
Suggestions have appeared in krbdev list. I'm just being a good
boy by putting this into the bug queue to keep it on the radar.
>Audit-Trail:
>Unformatted:
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
http://mailman.mit.edu/mailman/listinfo/krb5-bugs
