From crawdad@gungnir.fnal.gov Thu Mar 28 10:25:34 2002
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76])
by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id KAA06130
for <bugs@RT-11.mit.edu>; Thu, 28 Mar 2002 10:25:34 -0500 (EST)
Received: from fnal.gov (heffalump.fnal.gov [131.225.9.20])
by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id KAA09562
for <krb5-bugs@mit.edu>; Thu, 28 Mar 2002 10:25:33 -0500 (EST)
Received: from gungnir.fnal.gov ([131.225.80.1])
by smtp.fnal.gov (PMDF V6.0-24 #37519)
with ESMTP id <0GTO00EJ7W6LKT@smtp.fnal.gov> for krb5-bugs@mit.edu; Thu,
28 Mar 2002 09:25:33 -0600 (CST)
Received: (from crawdad@localhost) by gungnir.fnal.gov (8.10.2+Sun/8.10.2)
id g2SFPWM25016; Thu, 28 Mar 2002 09:25:32 -0600 (CST)
Message-Id: <200203281525.g2SFPWM25016@gungnir.fnal.gov>
Date: Thu, 28 Mar 2002 09:25:32 -0600 (CST)
From: Matt Crawford <crawdad@gungnir.fnal.gov>
Reply-To: crawdad@gungnir.fnal.gov
To: krb5-bugs@mit.edu
Cc: crawdad@gungnir.fnal.gov
Subject: Need a way to allow user-to-user but not other TGS-REQs
X-Send-Pr-Version: 3.99
System: SunOS gungnir.fnal.gov 5.8 Generic_108528-08 sun4u sparc SUNW,Ultra-1
Architecture: sun4
service principal. There needs to be away to disallow all but
USER2USER.
boy by putting this into the bug queue to keep it on the radar.
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76])
by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id KAA06130
for <bugs@RT-11.mit.edu>; Thu, 28 Mar 2002 10:25:34 -0500 (EST)
Received: from fnal.gov (heffalump.fnal.gov [131.225.9.20])
by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id KAA09562
for <krb5-bugs@mit.edu>; Thu, 28 Mar 2002 10:25:33 -0500 (EST)
Received: from gungnir.fnal.gov ([131.225.80.1])
by smtp.fnal.gov (PMDF V6.0-24 #37519)
with ESMTP id <0GTO00EJ7W6LKT@smtp.fnal.gov> for krb5-bugs@mit.edu; Thu,
28 Mar 2002 09:25:33 -0600 (CST)
Received: (from crawdad@localhost) by gungnir.fnal.gov (8.10.2+Sun/8.10.2)
id g2SFPWM25016; Thu, 28 Mar 2002 09:25:32 -0600 (CST)
Message-Id: <200203281525.g2SFPWM25016@gungnir.fnal.gov>
Date: Thu, 28 Mar 2002 09:25:32 -0600 (CST)
From: Matt Crawford <crawdad@gungnir.fnal.gov>
Reply-To: crawdad@gungnir.fnal.gov
To: krb5-bugs@mit.edu
Cc: crawdad@gungnir.fnal.gov
Subject: Need a way to allow user-to-user but not other TGS-REQs
X-Send-Pr-Version: 3.99
Show quoted text
>Number: 1081
>Category: krb5-kdc
>Synopsis: enhancement request: allow user2user only
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: change-request
>Submitter-Id: unknown
>Arrival-Date: Thu Mar 28 10:26:00 EST 2002
>Last-Modified:
>Originator: Matt Crawford
>Organization:
Fermilab>Category: krb5-kdc
>Synopsis: enhancement request: allow user2user only
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: change-request
>Submitter-Id: unknown
>Arrival-Date: Thu Mar 28 10:26:00 EST 2002
>Last-Modified:
>Originator: Matt Crawford
>Organization:
Show quoted text
>Release: krb5-1.2.3
>Environment:
Sun Netra-1 Solaris 2.8>Environment:
System: SunOS gungnir.fnal.gov 5.8 Generic_108528-08 sun4u sparc SUNW,Ultra-1
Architecture: sun4
Show quoted text
>Description:
KRB5_KDB_DISALLOW_SVR disallows all TGS requests for a givenservice principal. There needs to be away to disallow all but
USER2USER.
Show quoted text
>How-To-Repeat:
Test with sample uuclient/uuserverShow quoted text
>Fix:
Suggestions have appeared in krbdev list. I'm just being a goodboy by putting this into the bug queue to keep it on the radar.
Show quoted text
>Audit-Trail:
>Unformatted:
>Unformatted: