how should plug-ins be located on Windows?
Ken Raeburn
raeburn at MIT.EDU
Tue Aug 7 22:29:06 EDT 2007
On Aug 6, 2007, at 22:54, Jeffrey Altman wrote:
> Has anyone given any thought to how they would like to see plug-ins be
> configured on Windows?
>
> The Windows way would be to use a registry key that is accessible only
> to the "Administrator" as a place to list plug-ins to be loaded.
>
> HKLM\Software\MIT\Kerberos5\Plugins
Sounds okay, though I think a user should be able to override that
for non-privileged programs they're running.
> What about digital signatures? I would like to see an option that
> would
> require that plug-ins be digitally signed if the Kerberos libraries
> are
> digitally signed.
I'd like to hear more about your idea. Would this be Windows-
specific? Why is the requirement on plugins tied to the signing of
the library? How would you test whether the library is signed? How
would you validate the plugin's signature without a race condition?
What's the threat model, where digital signatures on plugins help but
(I presume) the config file can be trusted?
This sounds like a much bigger project than just getting KfW to load
plugins; might be best to treat it separately, unless you've got a
good reason why they should be linked.
Ken
More information about the krbdev
mailing list