[1003] in Kerberos_V5_Development
Re: X authentication stuff
daemon@ATHENA.MIT.EDU (Ezra Peisach)
Wed Feb 7 09:51:42 1996
To: hartmans@MIT.EDU (Sam Hartman)
Cc: krbdev@MIT.EDU, "Ralph R. Swick" <swick@x.org>,
"Donald T. Davis" <don@cam.ov.com>
In-Reply-To: Your message of "06 Feb 1996 23:28:02 EST."
<tsl91ifahf1.fsf_-_@tertius.mit.edu>
Date: Wed, 07 Feb 1996 09:51:29 EST
From: Ezra Peisach <epeisach@MIT.EDU>
I may be misunderstanding what you are trying to get at with the
checksum issue but let me ask a question.... Is the checksum being computed
every so often after a client has been authorized to connect to the server?
Would the X server be modified not to act upon any complete request without
the checksum being validated? I guess I would want to know at what level
is each checksum to be validated before passing to the lower layers...
You could do serious "damage" by allowing one packet to be processed that is
not valid...
Ezra
