[995] in Kerberos_V5_Development
Re: removing user-user authentication from rcp client
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Mon Feb 5 20:45:59 1996
Date: Mon, 5 Feb 1996 20:45:50 -0500
From: Theodore Ts'o <tytso@MIT.EDU>
To: "Donald T. Davis" <don@cam.ov.com>
Cc: hartmans@MIT.EDU, don@cam.ov.com, krbdev@MIT.EDU, swick@x.org
In-Reply-To: Donald T. Davis's message of Fri, 02 Feb 1996 20:57:58 -0500,
<199602030157.UAA06747@gza-client1.cam.ov.com>
Date: Fri, 02 Feb 1996 20:57:58 -0500
From: "Donald T. Davis" <don@cam.ov.com>
* i'm very surprised to learn that rcp currently demands
a tgt on each end. this is regrettable; i never intended
that any command should use only the 2-tgt protocol.
u2u was supposed to be a fallback, to be used only when
the requested server didn't have a srvtab. so, i agree
that for rcp always to require 2 tgts is broken.

Keep in mind that the rcp u2u implementation was done by a graduate
student working at ISI, under Cliff's direction. There were a number of
things about how u2u was done which I considered to be a Mistake, but
the code was checked into the tree before I looked at it very carefully.
It was on my list of things to fix, but given that secure FTP (which is
now in the MIT tree) is a much better long-range solution than rcp, I
didn't work really hard on fixing up rcp. I am really glad Sam finally
got around to fixing it though.

Note that the X11 Krb5 work which Tom has been working on allows
*either* u2u or the traditional srvtab based model, at the server's
discretion. After all, it's the X server that knows whether a TGT or a
srvtab is available to it, and so it informs the X client whether it
should engage in the u2u protocol, or whether it should use the
traditional krb5 application protocol --- and if so, what server
principal the client should use as the target of its authentication.

BTW, note that one of the real potential trouble spots with u2u is that
you *do* need to have an access control list on the client if mutual
authentication is important. After all, if you're popping up an xterm
with a shell prompt, you really want to make sure it ends up on the
right X server..... <grin>

- Ted
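The mode selection and the client-side ACL check Ted describes, as an added model that is not MIT krb5 code or anything from this thread: the X server advertises whichever mode it can support (srvtab preferred, u2u as the fallback), and the client only proceeds with u2u when the announced peer principal is on its own ACL. Class names, message formats and principal names are constructed for illustration.

```python
# Constructed model of the X11 Krb5 negotiation: server picks the mode at its
# own discretion, client enforces an ACL before trusting a u2u peer.

from dataclasses import dataclass, field

SRVTAB, U2U = "srvtab", "u2u"


@dataclass
class XServer:
    principal: str            # identity the server will authenticate as
    has_srvtab: bool = False  # long-term service key available?
    has_tgt: bool = False     # a user's TGT available (needed for u2u)

    def advertise(self) -> dict:
        """Choose the mode and tell the client which principal to target."""
        if self.has_srvtab:
            return {"mode": SRVTAB, "principal": self.principal}
        if self.has_tgt:
            return {"mode": U2U, "principal": self.principal}
        raise RuntimeError("no srvtab and no TGT: cannot authenticate")


@dataclass
class XClient:
    # Principals this client is willing to hand an xterm to over u2u.
    u2u_acl: frozenset = field(default_factory=frozenset)

    def respond(self, offer: dict) -> str:
        """Decide what the client does with the server's advertisement."""
        mode, peer = offer["mode"], offer["principal"]
        if mode == SRVTAB:
            # Traditional krb5: obtain a service ticket for the named principal.
            return f"AP_REQ:{peer}"
        if mode == U2U:
            # Mutual auth only proves the peer holds a TGT for `peer`; the ACL
            # decides whether that peer is an acceptable X server at all.
            if peer not in self.u2u_acl:
                return "REFUSED:not-on-acl"
            return f"U2U:{peer}"
        return "REFUSED:unknown-mode"


def negotiate(server: XServer, client: XClient) -> str:
    """Run one exchange: server advertises, client answers."""
    return client.respond(server.advertise())
```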