new error message/return code for kdb5_util unsupported commands

greg@enjellic.com greg at enjellic.com
Fri May 26 10:24:58 EDT 2006 

On May 24,  8:39pm, Will Fiveash wrote:
} Subject: new error message/return code for kdb5_util unsupported commands

Good morning, hope everyone's day is starting well.

> On Wed, May 24, 2006 at 08:12:52PM -0500, Will Fiveash wrote:
> > 
> > - Regardless of the above kdb5_util should not core dump regardless of
> >   the backend being used.  There needs to be better NULL function
> >   pointer checking in the kdb code.

> Can we get a new error message here to indicate an operation is not
> supported by the current database type?  It would be nice to have a
> meaningful error message here since the kdb5_util commands are not
> orthogonal in relation to the DB backend.

I usually hate to crash head long into group think but its Friday
going into a long weekend......

I understand the motivations in sacrificing 15+ years of well
documented security practices at the altar of manageability.  I don't
agree with them but do understand them.  Watching 4 months of dialogue
on this issue causes me to believe the horse is being approached from
the wrong end, which tends to result in getting kicked in the
privates.

LDAP is a protocol not a database.  Has anyone considered bolting an
LDAP interface onto the KDC?

OpenLDAP already has a collection of back-ends.  I've considered
engineering an MIT/KDC implementation to add to the list.  If someone
can explain why this is wrong-headed I won't add it to my personal
amusement list for the summer.

> Will Fiveash

Best wishes for a pleasant weekend to everyone.

Greg

}-- End of excerpt from Will Fiveash

As always,
Dr. G.W. Wettstein, Ph.D.   Enjellic Systems Development, LLC.
4206 N. 19th Ave.           Specializing in information infra-structure
Fargo, ND  58102            development.
PH: 701-281-1686
FAX: 701-281-3949           EMAIL: greg at enjellic.com
------------------------------------------------------------------------------
"Nullum magnum ingenium sine mixtura dementiae fuit."
        (There is no great genius without some touch of madness.)
                                -- Seneca

More information about the krbdev mailing list