krb5-kdc/1081: Need a way to allow user-to-user but not other TGS-REQs
Matt Crawford
crawdad at gungnir.fnal.gov
Thu Mar 28 10:25:32 EST 2002
>Number: 1081
>Category: krb5-kdc
>Synopsis: enhancement request: allow user2user only
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: change-request
>Submitter-Id: unknown
>Arrival-Date: Thu Mar 28 10:26:00 EST 2002
>Last-Modified:
>Originator: Matt Crawford
>Organization:
Fermilab
>Release: krb5-1.2.3
>Environment:
Sun Netra-1 Solaris 2.8
System: SunOS gungnir.fnal.gov 5.8 Generic_108528-08 sun4u sparc SUNW,Ultra-1
Architecture: sun4
>Description:
KRB5_KDB_DISALLOW_SVR disallows all TGS requests for a given
service principal. There needs to be away to disallow all but
USER2USER.
>How-To-Repeat:
Test with sample uuclient/uuserver
>Fix:
Suggestions have appeared in krbdev list. I'm just being a good
boy by putting this into the bug queue to keep it on the radar.
>Audit-Trail:
>Unformatted:
More information about the krb5-bugs
mailing list