a suggestion for reducing use of kdc.conf

Nico Williams nico at cryptonector.com
Thu May 9 15:27:01 EDT 2013

On Thu, May 9, 2013 at 10:33 AM, Nathaniel McCallum
<npmccallum at redhat.com> wrote:
> However, I'm not really having a fan of having any of the RADIUS
> configuration globally readable. I like Greg's include idea the best.

If it's just configuration, and there are no secrets in there, why not
have it be world-readable?  What are we hiding?  :)

I mean that seriously though, in spite of the smiley.  I'm on the
lookout for security through obscurity here.

More information about the krbdev mailing list