porting CCAPI to UNIX
Ken Raeburn
raeburn at MIT.EDU
Wed May 9 16:54:15 EDT 2007
On May 9, 2007, at 15:41, Russ Allbery wrote:
> Ken Raeburn <raeburn at MIT.EDU> writes:
>> On May 9, 2007, at 15:31, Russ Allbery wrote:
>
>>> AFS PAGs provide cross-session process isolation (well, not from
>>> root,
>>> but that's a different matter). I was actually under the impression
>>> that keyrings did as well.
>
>> Not when I tried running some keyring tests.
>
> Are you using session keyrings? It seems to work for me with the
> keyrings
> used by AFS, but AFS is creating them as a privileged user as session
> keyrings.
I had the impression that the keyring ccache code contributed was
using session keyrings, but I could be wrong. My test was to run
kinit in one login session using a keyring, and see if I could see
the credentials from another login session.
Ken
More information about the krbdev
mailing list