(MIT) Kerberos V and PHP(4)?

Steve Langasek vorlon at dodds.net
Sun Dec 29 01:52:23 EST 2002


On Sun, Dec 29, 2002 at 12:22:19AM +0100, Turbo Fredriksson wrote:
> >>>>> "Steve" == Steve Langasek <vorlon at dodds.net> writes:

>     Steve> On Sat, Dec 28, 2002 at 08:04:23PM +0100, Turbo Fredriksson
>     Steve> wrote:
>     >> Have anyone (heard of) something that can get me tickets, add
>     >> and remove principals, change passwords etc from a PHP
>     >> 'script'?

>     >> I'd prefer not to go through external commands and/or scripts,
>     >> but use a proper API. Searching for this on the web revealed
>     >> nothing! This is the last attempt. If no one HERE knows
>     >> anything, then it doesn't exist :)

>     Steve> If it exists, it hasn't been announced for the benefit of
>     Steve> others to download.  Personally, I think you're much better
>     Steve> off using external commands than trying to sanely expose
>     Steve> the Kerberos API to the weakly-typed PHP.

> Now we're talking! This is exactly why I haven't already started to
> implement the API in PHP. I suspected that someone would object
> for some reason. I have no idea myself why this would be a bad idea,
> so please enlighten me (no pun or sarcasm intended!).

The only way to represent opaque pointers (something the Kerberos API
deals heavily in) in PHP is as a 'reference' -- an integer offset into a
lookup table for the specified object type.  It's possible for a PHP
extension to do runtime type checking of a reference to prevent
segfaults, but the programmer really has no way to tell one type of
reference from another within a PHP script: given that one may be working
with ten or so opaque data types at a time in some portions of the KRB5
API, I don't relish the idea of trying to keep track of these in a weakly
typed language; it lends itself to fragile code.

Alternatively, you could only expose a limited number of specific,
higher-level Kerberos functions to the PHP script, corresponding to common
operations you're likely to perform; but at that point, I see little
advantage to not simply wrapping the commandline tools, which have already
been written.

I also think the number of PHP programmers in the world who could safely
be trusted to not botch the security of a Kerberos extension is in the low
double-digits (optimistically), so I don't imagine you'd get much help in
coding such an extension.

-- 
Steve Langasek
postmodern programmer
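Steve's suggestion (wrap the existing command-line tools instead of exposing the C API) as an added example; this is not code from the thread or from MIT Kerberos. It assumes MIT kinit and kadmin.local are on PATH, that kinit reads the password from stdin when stdin is not a terminal, that kadmin.local reads its commands from stdin, and PHP 7.1 or later. The helper names (is_safe_principal, run_tool, kinit, kadmin_addprinc) and the principal whitelist regex are this example's own choices; the regex is deliberately stricter than what Kerberos permits.

```php
<?php
// Added example, not code from the thread. Wraps MIT Kerberos command-line
// tools from PHP rather than binding the C API, as the reply suggests.
// Assumptions (not established by the thread): kinit and kadmin.local are in
// $PATH; kinit reads the password from stdin when stdin is not a terminal;
// kadmin.local reads its commands from stdin; PHP >= 7.1.

/**
 * Whitelist for principals handed to a subprocess. Deliberately stricter
 * than what Kerberos itself permits (an assumption of this example):
 * name[/instance]@REALM over a small character set, so shell and kadmin
 * metacharacters can never reach the child process.
 */
function is_safe_principal(string $p): bool
{
    $re = '/^[A-Za-z0-9._-]{1,64}(?:\/[A-Za-z0-9._-]{1,64})?@[A-Z0-9.-]{1,128}$/';
    return preg_match($re, $p) === 1;
}

/**
 * Run $argv with each argument individually escaped, feed $stdin to the
 * child, and return [exit status, stdout, stderr]. Secrets travel over
 * stdin only; argv is visible to every local user via ps.
 */
function run_tool(array $argv, string $stdin, array $extra_env = []): array
{
    $cmd  = implode(' ', array_map('escapeshellarg', $argv));
    $spec = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    $env  = array_merge(getenv(), $extra_env);
    $proc = proc_open($cmd, $spec, $pipes, null, $env);
    if (!is_resource($proc)) {
        throw new RuntimeException('cannot start ' . $argv[0]);
    }
    fwrite($pipes[0], $stdin);
    fclose($pipes[0]);
    // These tools print little, so draining stdout then stderr sequentially
    // cannot deadlock here; use stream_select() for chatty commands.
    $out = stream_get_contents($pipes[1]);
    $err = stream_get_contents($pipes[2]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    return [proc_close($proc), $out, $err];
}

/** Obtain a TGT into a private credential cache; true on success. */
function kinit(string $principal, string $password, string $ccache): bool
{
    if (!is_safe_principal($principal)) {
        throw new InvalidArgumentException("refusing principal: $principal");
    }
    // -c selects the cache file; the password is written to stdin, not argv.
    [$status, , $err] = run_tool(['kinit', '-c', $ccache, $principal], $password . "\n");
    if ($status !== 0) {
        error_log("kinit failed for $principal: " . trim($err));
    }
    return $status === 0;
}

/**
 * Create a principal through kadmin.local. The command text is fed over
 * stdin, so the password is not on argv. kadmin.local's exit status is
 * assumed not to reflect per-command errors, so the caller receives the
 * raw [status, stdout, stderr] to inspect. Passwords containing whitespace
 * or quotes are rejected rather than guessing kadmin's quoting rules.
 */
function kadmin_addprinc(string $principal, string $password): array
{
    if (!is_safe_principal($principal)) {
        throw new InvalidArgumentException("refusing principal: $principal");
    }
    if ($password === '' || preg_match('/[\s"\'\\\\]/', $password)) {
        throw new InvalidArgumentException('unsupported characters in password');
    }
    return run_tool(['kadmin.local'], "addprinc -pw $password $principal\nquit\n");
}

// Usage with constructed inputs: hostile principals never reach a shell.
foreach (['webuser@EXAMPLE.COM', 'x; rm -rf /@EXAMPLE.COM', '$(id)@EXAMPLE.COM'] as $p) {
    printf("%-28s %s\n", $p, is_safe_principal($p) ? 'accepted' : 'rejected');
}
$ccache = tempnam(sys_get_temp_dir(), 'krb5cc_');
if (kinit('webuser@EXAMPLE.COM', 'correct horse battery staple', $ccache)) {
    echo "ticket cached in $ccache\n";
}
unlink($ccache);
```

The two points a practitioner should take from this: every argument is escaped individually and validated against a whitelist before it is handed to proc_open, and secrets (passwords) travel only over stdin, never on the command line, because argv is readable by any local user. Whether exposing the C API could be made equally safe from PHP is the question the reply above answers in the negative; this wrapper is the alternative it recommends.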
