[863] in Kerberos-V5-bugs
Forwarding of credentials with rlogin.
daemon@ATHENA.MIT.EDU (epeisach@MIT.EDU)
Fri Oct 14 19:23:28 1994
From: epeisach@MIT.EDU
Date: Fri, 14 Oct 1994 19:23:21 -0400
To: krb5-bugs@MIT.EDU
A ticket cache is selected based on the processid of rlogind. An
environment variable is set, but then login.krb wipes out the parent
environment. This makes it less that useful for kerberized rlogin. (krsh
should work at maintaining it for single processes).
I see three solutions:
a) login can guess the name based on the parent pid
b) login.krb can save that one environment variable
c) login.krb can be passed another flag (say -c) which will take as an
optional argument the cache name which is set as the environment...
Proper security checks would have to be made probably as to the
ownership of this file if it exists, etc...
I prefer option (c).
Oh yeah - the rlogin man page does not mention -f, -F, etc.
Ezra
