[109] in Kerberos
Re: Operations and Maintenance of RV
jon@ATHENA.MIT.EDU (jon@ATHENA.MIT.EDU)
Sun Aug 9 21:29:29 1987
From miller%erlang.DEC@decwrl.DEC.COM Tue Sep 30 00:44:04 1986
Date: 29-Sep-1986 1650
From: miller%erlang.DEC@decwrl.DEC.COM (Steve Miller)
To: kerberos@athena.mit.edu, rvd-info@athena.mit.edu,
miller%erlang.DEC@decwrl.DEC.COM
Subject: Re: Operations and Maintenance of RVDs kludge

I have trouble with the kludge suggested by Jeff. It not only mixes
authentication and authorization, but naming as well. It could set
a dangerous precedent on use of names for privileges.

I believe that in such cases, the name can be used by convention as
a HINT. In other words, all privileged access requests might require
instance "rvd-admin", but would still be subject to some type of
authorization system. But even the use as a HINT is questionable, and
should only be done if it simplifies management.

Another temporary alternative for RVD administration is to clone the routines
Mark set up for the rcmd stuff, and use the same routines with a separate
file listing the authorized Kerberos names who are valid rvd administrators.
I had previously suggested making this form of local authorization more
generic than just rcmd.

Steve.
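
The separation argued for in the message above, as an added example that is not part of the original message and is not the rcmd routines or any Kerberos library code: the "rvd-admin" instance is checked only as a hint, and access is granted only when the full authenticated name appears in a separate list. The `name.instance@REALM` syntax, the function names, the ACL layout and the sample principals are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample ACL: one Kerberos name per line (name.instance@REALM). */
static const char *SAMPLE_ACL =
    "# rvd administrators (constructed sample)\n"
    "alice.rvd-admin@EXAMPLE.ORG\n"
    "bob.rvd-admin@EXAMPLE.ORG\n";

/* Naming hint only: does the instance part equal `want`? Grants nothing. */
static int instance_is(const char *principal, const char *want)
{
    const char *dot = strchr(principal, '.');
    const char *at = strrchr(principal, '@');
    if (!dot || !at || dot > at)   /* no instance before the realm */
        return 0;
    size_t n = (size_t)(at - dot - 1);
    return n == strlen(want) && strncmp(dot + 1, want, n) == 0;
}

/* Authorization: the full principal must equal one non-comment ACL line. */
static int acl_lists(const char *acl, const char *principal)
{
    size_t plen = strlen(principal);
    while (*acl) {
        const char *eol = strchr(acl, '\n');
        size_t len = eol ? (size_t)(eol - acl) : strlen(acl);
        if (len == plen && *acl != '#' && memcmp(acl, principal, len) == 0)
            return 1;
        acl += len + (eol ? 1 : 0);
    }
    return 0;
}

/* Decision for a principal that Kerberos has already authenticated. */
int rvd_admin_allowed(const char *acl, const char *principal)
{
    return instance_is(principal, "rvd-admin") && acl_lists(acl, principal);
}

int main(void)
{
    const char *who[] = { "alice.rvd-admin@EXAMPLE.ORG",
        "mallory.rvd-admin@EXAMPLE.ORG", "alice.root@EXAMPLE.ORG" };
    for (int i = 0; i < 3; i++)
        printf("%-34s %s\n", who[i],
               rvd_admin_allowed(SAMPLE_ACL, who[i]) ? "allow" : "deny");
    return 0;
}
```

A principal that merely carries the "rvd-admin" instance is denied unless it is listed, which is the difference between using the name as a hint and using it as the privilege itself.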