info-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: patch to gssapi server authentication to accept any server

From: Derek R. Price
Subject: Re: patch to gssapi server authentication to accept any server
Date: Fri, 02 Mar 2001 08:13:37 -0500 
Assar Westerlund wrote:

[... Kerberos explanations ...]


> I hope this makes it clearer.

Yeah, it does.  I want to get Kerberos set up here so I can do some testing
before I check things in, but it should go in.  It'll probably be a few weeks
since I'm going to be on vacation next week.

A few more questions for my personal edification, though:

Is the "cvs" portion of the "cvs/address@hidden" that the server verifies all 
that
prevents the client from obtaining a ticket for, say,
"telnet/address@hidden" and using that to accerss CVS?

Is it possible for the Kerberos server to grant a ticket to the CVS client
(assumedly through the CVS server) for anything other than
"cvs/<somehost>@EXAMPLE.COM"?  In what cases?

Derek

--
Derek Price                      CVS Solutions Architect ( http://CVSHome.org )
mailto:address@hidden     OpenAvenue ( http://OpenAvenue.com )
--
I have sworn upon the alter of God eternal hostility against every form of
tyranny over the mind of man.

                        - Thomas Jefferson
reply via email to
[Prev in Thread] Current Thread [Next in Thread]