ok as delegate
Wachdorf, Daniel R
drwachd at sandia.gov
Tue Apr 11 17:10:19 EDT 2006
There was some discussion previously on the list as to why this is not
currently in the code base.
From: krbdev-bounces at MIT.EDU [mailto:krbdev-bounces at MIT.EDU] On Behalf
Of Paul Moore
Sent: Tuesday, April 11, 2006 3:07 PM
To: krbdev at MIT.EDU
Subject: ok as delegate
Apologies if this has been debated before.
1510 says that the ok as delegate flag should be used by a client to
disable or enable the forwarding of a tgt to a machine.
The current MIT implementation does not pay attention to this flag at
all (apart from klist). Certainly the gssapi layer could easily be
modified to do this. For older things (like telnet) they would have to
be modified on a case by case basis.
Is there any reason why this check is not done?
krbdev mailing list krbdev at mit.edu
More information about the krbdev