[1587] in Kerberos_V5_Development
Re: ftpd should allow protection to be required
daemon@ATHENA.MIT.EDU (Sam Hartman)
Thu Aug 15 18:08:23 1996
To: "Barry Jaspan" <bjaspan@MIT.EDU>
Cc: brlewis@MIT.EDU, krbdev@MIT.EDU
From: Sam Hartman <hartmans@MIT.EDU>
Date: 15 Aug 1996 18:08:16 -0400
In-Reply-To: "Barry Jaspan"'s message of Thu, 15 Aug 96 10:51:10 -0400
>>>>> ""Barry" == "Barry Jaspan" <bjaspan@MIT.EDU> writes:
"Barry> My other beef with the protocol is that you can't use
"Barry> kerberos encryption unless your principal is authorized to
"Barry> login, so you can't just encrypt with kerberos and type a
"Barry> password to login as somebody else.
"Barry> rlogin/d has this same limitation, too, which I think is
"Barry> very unfortunate. We were going to fix it at OV but never
"Barry> got around to it.
I think there is a command line option that is documented to
allow this, but I'm fairly certain the implementation is broken. It
shouldn't be impossible to fix.
"Barry> Barry
