multiple gss_init_sec_context within a process

2003-02-05 Thread Shanky
I am using MIT Kerberos 1.2.6. I am writing an application which does multiple gss_init_sec_context on behalf of various kerberos principals / unix users (basically the application does a setuid) and also as different users (like uid=101,102). The application would do a setuid to appropriate u

krb5 ticket cache

2003-02-05 Thread Klaas Hagemann
Hi, after doing kinit the kerberos client creates a krb5 ticket cache file like /tmp/krb5cc_506. Another user having root privileges on this client can obtain these ticket cache file and have the network wide rights of the owner of this ticket. Is there any chance that the ticket is stored in

Re: Operating Systems & Kerberos

2003-02-05 Thread Matthew Wronkowski
On Wed, Feb 05, 2003 at 02:06:00PM +1100, Vanessa Jones said tag, you're it: > I want to know if the MIT Kerberos v5 will work on Solaris 2.9? > Has anyone got it to work on Solaris 2.9. We want to upgrade our operating system > and I want to make sure there aren't going to be any major probl

Re: krb5 ticket cache

2003-02-05 Thread Donn Cave
Quoth [EMAIL PROTECTED] (Klaas Hagemann): ... | after doing kinit the kerberos client creates a krb5 ticket cache file | like /tmp/krb5cc_506. | | Another user having root privileges on this client can obtain these | ticket cache file and have the network wide rights of the owner of this | ticke

Re: multiple gss_init_sec_context within a process

2003-02-05 Thread Alexandra Ellwood
I am using MIT Kerberos 1.2.6. I am writing an application which does multiple gss_init_sec_context on behalf of various kerberos principals / unix users (basically the application does a setuid) and also as different users (like uid=101,102). The application would do a setuid to appropriate user

Re: Operating Systems & Kerberos

2003-02-05 Thread Wyllys Ingersoll
Vanessa - Solaris 2.9 comes with Kerberos already installed, tested, and ready to go. It is based on MIT KRB5 1.2.X (we have kept up with bug fixes etc. etc.). We interoperate with MIT KRB5 and Microsoft AD just fine. Plus, by sticking with the Kerberos software that comes with the OS, you

Architectural Question ...

2003-02-05 Thread Tony Cowan
Sorry if this is a bit newbie .. This is my hypothetical scenario: I have a client process that authenticates to the KDC. I get a TGT as part of that transaction I think. I go back to the TGS with my TGT and get a ticket to access some service. Now that service ticket should be encrypted with a k

Re: Architectural Question ...

2003-02-05 Thread Luke Howard
>So does the service need to contact a KDC to validate the ticket when it receives my call? No, that's the beauty of Kerberos. -- Luke

[Fwd: Re: krb5 ticket cache]

2003-02-05 Thread Klaas Hagemann
--- Begin Message --- Donn Cave wrote: Quoth [EMAIL PROTECTED] (Klaas Hagemann): ... | after doing kinit the kerberos client creates a krb5 ticket cache file | like /tmp/krb5cc_506. | | Another user having root privileges on th