Sreedhar Gupta wrote: > Hi, > Can any one please explain me why SUID bit set for "Kadmin" (remote admin).
Well, it isn't set on my installation. In your case, I suppose it has been set to allow kerberos administration delegation to a simple local user (i.e. not root on the machine). Suppose you have to administrate a kerberos enabled ftp server on a specific host, on which you are not root. You will have to write keytabs to /etc/krb5.keytabs, which belongs to root and should not be world readable (nor writeable :). If the kadmin binary isn't setuid root, you will never be able to update the file. If it is, well you get the picture. -- Emmanuel le Chevoir ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
