[32625] in Kerberos
Re: Query regarding ksu.
daemon@ATHENA.MIT.EDU (Use Nas)
Thu Sep 2 01:42:36 2010
MIME-Version: 1.0
In-Reply-To: <tslk4n5jmi7.fsf@live.mit.edu>
Date: Thu, 2 Sep 2010 11:12:31 +0530
Message-ID: <AANLkTik0Y3ZcxEcPBS0hNZbDTajRUNtC5ds1aejeEh7G@mail.gmail.com>
From: Use Nas <usenas@gmail.com>
To: Sam Hartman <hartmans@mit.edu>
Cc: krbdev@mit.edu, kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Sam,
>If I ksu to a user whitout ticket I expect ksu to ask for the password
>for which -n is supplied and/or the default that is inferred if -n is
>not available.
If there are no tickets (in cache) for the required user, ksu ( without
using -n flag) will ask for a password, even if the source user is "root"
.Am i correct ?
-S
On Thu, Sep 2, 2010 at 12:54 AM, Sam Hartman <hartmans@mit.edu> wrote:
> >>>>> "Russ" == Russ Allbery <rra@stanford.edu> writes:
>
> Russ> Presumably if you ksu'd without a password or a ticket to
> Russ> another user, you wouldn't get Kerberos tickets for that user
> Russ> and it would just be acting like su. Yes, root has no special
> Russ> ability to get tickets for another user without knowing that
> Russ> user's credentials.
>
> If I ksu to a user whitout ticket I expect ksu to ask for the password
> for which -n is supplied and/or the default that is inferred if -n is
> not available.
>
> --Sam
>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
