[1920] in Kerberos_V5_Development
Re: Cygnus changes for your consideration
daemon@ATHENA.MIT.EDU (Marc Horowitz)
Thu Oct 31 15:46:05 1996
To: "Barry Jaspan" <bjaspan@MIT.EDU>
Cc: eichin@cygnus.com, tytso@MIT.EDU, krbdev@MIT.EDU
In-Reply-To: Your message of "Thu, 31 Oct 1996 14:29:09 EST."
<9610311929.AA05559@DUN-DUN-NOODLES.MIT.EDU>
Date: Thu, 31 Oct 1996 15:45:01 EST
From: Marc Horowitz <marc@MIT.EDU>
In message <9610311929.AA05559@DUN-DUN-NOODLES.MIT.EDU>, "Barry Jaspan" <bjaspan@MIT.EDU> writes:
>> And how does this
>> interact with tl_data types that the server knows about (mod time and
>> such that are stored in tl_data)?
>>
>> The client has to pass to kadm5_modify_principal all the tl_data
>> entries that it got from kadm5_get_principal that it does not
>> explicitly know about.
I don't like this. "internal" tl_data should not be exposed to the
administrator, and should not be accepted as part of a
modify_principal request. Otherwise, the admin could change stuff
like the last_mod times, and parts of the admin data which are
"read-only". The semantics are also unclear. If I have a mod_princ
tl_data in my modify_principal request, does that end up in the
database, or the one which the server constructs? or both? It's
easiest and most sensible just to filter out all tl_data types <= 255
from the request.
Marc
