[27208] in Kerberos


Re: "If you choose to install a stash file..."

daemon@ATHENA.MIT.EDU (Jeffrey Hutzelman)
Thu Jan 11 21:11:58 2007

Date: Thu, 11 Jan 2007 21:11:22 -0500
From: Jeffrey Hutzelman <jhutz@cmu.edu>
To: Ken Hornstein <kenh@cmf.nrl.navy.mil>, kerberos@mit.edu
Message-ID: <6BAF990A345454F6656FA3A7@sirius.fac.cs.cmu.edu>
In-Reply-To: <200701120132.l0C1Wuvw003111@ginger.cmf.nrl.navy.mil>
Cc: Jeffrey Hutzelman <jhutz@cmu.edu>



On Thursday, January 11, 2007 08:32:57 PM -0500 Ken Hornstein 
<kenh@cmf.nrl.navy.mil> wrote:

>> Continuing on, when using a stash, kdb5_util will create a
>> $DUMPFILE.dump_ok file, containing a single null byte.  But when run
>> without a stash, the dump_ok file isn't created, probably because it
>> couldn't verify that the file isn't corrupt.
>
> I was curious about this, so I took a look at it.  The reason .dump_ok
> isn't written is because the variable exit_status is incremented when the
> master key isn't available.  But when the master key _is_ available,
> no verification is done (other than on the master key itself).  So
> it's not like there is some kind of corruption check that the master
> key enables; all the entries (except for the master key) could be garbage
> and having a stash file wouldn't help you.

Right.  Note that having the master key has no effect on what sorts of 
checks you can perform on database integrity.  The _only_ thing it is used 
for is encrypting the _keys_ in the database.  And since those have no 
structure or meaning, you couldn't check them for validity anyway.

-- Jeff
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
