URL: https://github.com/freeipa/freeipa/pull/381 Title: #381: disable hostname canonicalization by Kerberos library
simo5 commented: """ @martbab this change actually improves security by avoiding a DNS lookup that could be manipulated by an attacker, however it also means some setups may break, because they depend on canonicalization to actually get the correct name, and should be documented in release notes. """ See the full comment at https://github.com/freeipa/freeipa/pull/381#issuecomment-271875472
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
