gssftpd and gss_acquire_cred

Russ Allbery rra at
Mon Nov 16 21:56:43 EST 2009

Ken Hornstein <kenh at> writes:

>>Convincing arguments about the safety of forgoing the address checks
>>in the kpasswd case are also welcome.

> Honestly, that's what I do.  It has the added advantage of being a lot
> less code.

I suggest checking how many large Kerberos sites have a web site where
users can change passwords.  I bet it's a lot of them (I know we have one,
as do most of the peer institutions I've talked to).  None of them are
doing Kerberos-style IP checking, and I bet at most of those sites that's
how all the regular users change their passwords.

I think you'll find that most deployments have, in effect, turned off
address checking already.

Russ Allbery (rra at)

More information about the krbdev mailing list