diff options
author | Ken Raeburn <raeburn@mit.edu> | 2008-08-04 21:39:10 +0000 |
---|---|---|
committer | Ken Raeburn <raeburn@mit.edu> | 2008-08-04 21:39:10 +0000 |
commit | 42c753c7976b1192ba5d5279f5d6c0302e18fc8d (patch) | |
tree | 725ebf035cfa1c82d06174eade390c4f8f97d36d /doc | |
parent | 133712b8f054d5bd3e0ed903114ff1d6f3ab89b8 (diff) | |
download | krb5-42c753c7976b1192ba5d5279f5d6c0302e18fc8d.tar.gz krb5-42c753c7976b1192ba5d5279f5d6c0302e18fc8d.tar.xz krb5-42c753c7976b1192ba5d5279f5d6c0302e18fc8d.zip |
some comments from Love
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20604 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'doc')
-rw-r--r-- | doc/iprop-notes.txt | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/doc/iprop-notes.txt b/doc/iprop-notes.txt index 890efdc1e9..8efee36f66 100644 --- a/doc/iprop-notes.txt +++ b/doc/iprop-notes.txt @@ -126,3 +126,15 @@ it in debug mode ("-d"). You'll still lose all output from the invocation of kdb5_util dump and kprop run out of kadmind. Other man page updates needed: Anything with new -x options. + +Comments from lha: + +Verify both client and server are demanding privacy from RPC. + +Authorization code in check_iprop_rpcsec_auth is weird. Check realm +checking, is it trusting the client realm length? + +What will happen if my realm is named "A" and I can get a cross realm +(though multihop) to ATHENA.MIT.EDU's iprop server? + +Why is the ACL not applied before we get to the functions themselves? |