[16237] in Kerberos_V5_Development
Re: Processing .k5login (another patch)
daemon@ATHENA.MIT.EDU (Sam Hartman)
Thu Sep 2 11:47:59 2010
From: Sam Hartman <hartmans@mit.edu>
To: Nicolas Williams <Nicolas.Williams@oracle.com>
Date: Thu, 02 Sep 2010 11:47:54 -0400
In-Reply-To: <20100901215156.GN1198@oracle.com> (Nicolas Williams's message of
"Wed, 1 Sep 2010 16:51:56 -0500")
Message-ID: <tslvd6ogn9x.fsf@live.mit.edu>
MIME-Version: 1.0
Cc: "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
>>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams@oracle.com> writes:
Nicolas> I'd rather have an option for specifying the location of
Nicolas> the k5login file, so it can be moved into a location where
Nicolas> the user cannot control it.
+1
In preference order
1) Have an option to set directory where .k5login is found
2) Both 1 and 3
3) have an option to disable .k5login processing
4) none of the above
rationale: 1 gives you enough rope that 3 is not needed. I think I could
even explain that to an audit firm:-).
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
