[1124] in Moira
Recursive list admin weirdness
daemon@ATHENA.MIT.EDU (Nathan J. Williams)
Sun Sep 21 16:29:19 1997
To: bug-moira@MIT.EDU
Cc: zeno@MIT.EDU
From: "Nathan J. Williams" <nathanw@MIT.EDU>
Date: Sun, 21 Sep 1997 16:28:55 EDT
I got some mail today to a list I didn't recognize. As usual,
I started looking at the list membership to see why I got the
mail. Eventually I found this (usernames omitted):
42 wile-e-coyote:nathanw>blanche btg-admin -m
<user>
<user>
<user>
<user>
<user>
<user>
<user>
LIST:n
Now, LIST:n is a list of mine, and it contains USER:nathanw
and KERBEROS:nathanw@ATHENA.MIT.EDU. I don't know why it was added to
this, but it shouldn't be there. btg-admin is self-owned, and my
understanding of Moira list priveleges then implies that since I'm on
btg-admin (via LIST:n), I should be able to remove it. So I tried, and
got the following:
140 wile-e-coyote:nathanw>blanche btg-admin -d n
blanche: No records in database match query while deleting member n from btg-admin
This was followed by a zephyr to class moira, instance moira:
Moira server encountered DBMS ERROR 2112 SQL-02112: PCC: SELECT..INTO returns too many rows
A further test of priveleges made it look like I had no
priveleges on ths list; further operations just failed. But trying to
delete n had the same repeatable effect.
After some more fiddling around, I deleted
KERBEROS:nathanw@ATHENA.MIT.EDU from n, and was then able to remove n
from btg-admin without incident.
I was able to reproduce this on another list; the presence of
KERBEROS:nathanw@ATHENA.MIT.EDU on a sublist on a self-owned list was
sufficent to foul things up, even if I was on the list directly.
I don't understand this, but I'm pretty sure it's not
right. Adding a Kerberos principal to a list shold not (a) cause
permission semantics to go haywire and (b) cause errors to be logged
when those permissions are invoked.
- Nathan
