[1250] in Kerberos_V5_Development
Re: kadm5_init, acquiring initial credentials
daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Thu May 30 07:56:10 1996
Date: Thu, 30 May 1996 07:55:49 -0400
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: "Barry Jaspan" <bjaspan@MIT.EDU>
Cc: basch@lehman.com, krbdev@MIT.EDU
In-Reply-To: Barry Jaspan's message of Wed, 29 May 96 22:56:21 -0400,
<9605300256.AA26871@beeblebrox.MIT.EDU>

I believe the kadmin client should have a mode (and it should probably
be the default) where it obtains the credentials (preferably in a
memory-based ccache), and destroys them when it is done.

If you consider the typical (somewhat clueless) user accounts
administrator, requiring them to use a "kinit, kadmin, kdestroy"
sequence will probably result in them forgetting to kdestroy their
tickets, and possibly leaving them around for someone to misuse. Since
"carla/admin" tickets shouldn't be useful for any other application, it
seems fair that kadmin should acquire them, use them, and upon exit,
destroy them.

- Ted
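
Added example, not part of the original message or of the Kerberos sources: a shell wrapper that gives the manual "kinit, tool, kdestroy" sequence the acquire, use, destroy-on-exit lifecycle described above. It uses a private file cache rather than a memory-based one, because a memory ccache is visible only inside the process that created it; the function name and the KINIT/KDESTROY override variables are assumptions of this example.

```shell
#!/bin/sh
# Added example: wrap the "kinit, <tool>, kdestroy" sequence so the ticket
# cache never outlives the command. KINIT and KDESTROY are hypothetical
# override variables (assumptions of this example) defaulting to the real tools.
: "${KINIT:=kinit}" "${KDESTROY:=kdestroy}"

# with_ephemeral_ccache PRINCIPAL COMMAND [ARGS...]
# The ( ) body runs in a subshell, so KRB5CCNAME and the traps never leak
# into the caller's shell.
with_ephemeral_ccache() (
    principal=$1
    shift
    umask 077                                # cache readable by owner only
    dir=$(mktemp -d) || exit 1               # private per-invocation directory
    KRB5CCNAME="FILE:$dir/cc"
    export KRB5CCNAME
    # Destroy the cache on every exit path: success, failure, or signal.
    trap '"$KDESTROY" >/dev/null 2>&1; rm -rf "$dir"' EXIT
    trap 'exit 130' HUP INT TERM
    "$KINIT" "$principal" || exit 1          # acquire
    "$@"                                     # use; its status is returned
)
```

The wrapped command finds the tickets through the exported KRB5CCNAME, and the caller's own default cache is never touched.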