Well, we have gone so far as to require the end user to take specific effort to "enable" an "insecure" option to even get them to build...
Not sure though - what options are being used to build the binary releases? -- Nathan ------------------------------------------------------------ Nathan Neulinger EMail: [EMAIL PROTECTED] University of Missouri - Rolla Phone: (573) 341-4841 Computing Services Fax: (573) 341-4216 > -----Original Message----- > From: Harald Barth [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, January 16, 2002 11:53 AM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Re: [OpenAFS-devel] How can I use rsh to connect with AFS > > > > There exist a bunch of forwarding mechanisms for tickets and > tokens which all > have different problems, some have bad security, some have no > security, some > depend on the IP addr some on the endianess of the computers > involved, just to > mention some. > > Not passing the tokens is better than passing them with some kind of > encryption over whatever channel. > > As there nowadays exist krb5 enabled r* utilities which can be > configured to forward tickets and get tokens from that tickets, I > suggest scrapping all odd ticket or token passing mechanisms, > including the r* stuff currently distributed with openafs. > > OK, I like to paint things black and white. > > Harald. > _______________________________________________ > OpenAFS-devel mailing list > [EMAIL PROTECTED] > https://lists.openafs.org/mailman/listinfo/openafs-devel > _______________________________________________ OpenAFS-devel mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-devel
