From owner-freebsd-security@FreeBSD.ORG Wed Jun 14 09:27:26 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E34AF16A41A for ; Wed, 14 Jun 2006 09:27:26 +0000 (UTC) (envelope-from Alexander@Leidinger.net) Received: from www.ebusiness-leidinger.de (jojo.ms-net.de [84.16.236.246]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2E95543D53 for ; Wed, 14 Jun 2006 09:27:25 +0000 (GMT) (envelope-from Alexander@Leidinger.net) Received: from Andro-Beta.Leidinger.net (p54A5DA8D.dip.t-dialin.net [84.165.218.141]) (authenticated bits=0) by www.ebusiness-leidinger.de (8.13.4/8.13.4) with ESMTP id k5E9MQma074822; Wed, 14 Jun 2006 11:22:27 +0200 (CEST) (envelope-from Alexander@Leidinger.net) Received: from localhost (localhost [127.0.0.1]) by Andro-Beta.Leidinger.net (8.13.4/8.13.3) with ESMTP id k5E9QAXg027190; Wed, 14 Jun 2006 11:26:10 +0200 (CEST) (envelope-from Alexander@Leidinger.net) Received: from pslux.cec.eu.int (pslux.cec.eu.int [158.169.9.14]) by webmail.leidinger.net (Horde MIME library) with HTTP; Wed, 14 Jun 2006 11:26:09 +0200 Message-ID: <20060614112609.fhyc78zao0ooc8wk@netchild.homeip.net> X-Priority: 3 (Normal) Date: Wed, 14 Jun 2006 11:26:09 +0200 From: Alexander Leidinger To: Forrest Aldrich References: <448C46BD.8060203@forrie.com> In-Reply-To: <448C46BD.8060203@forrie.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: quoted-printable User-Agent: Internet Messaging Program (IMP) H3 (4.1) / FreeBSD-4.11 X-Virus-Scanned: by amavisd-new X-Mailman-Approved-At: Wed, 14 Jun 2006 11:27:56 +0000 Cc: freebsd-security@freebsd.org Subject: Re: Kerberos5 / Heimdal X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jun 2006 09:27:27 -0000 Quoting Forrest Aldrich (from Sun, 11 Jun 2006 =20 12:37:17 -0400): > I have FreeBSD-6.1 and it appears the default installation has a full > complement of Kerberos5. But, /usr/src/kerberos5/README states: > > This subtree is world-exportable, as it does not contain any > cryptographic code. > > At the time of writing, it did not even contain source code, only > Makefiles and headers. > > Please maintain this "exportable" status quo. > > Thanks! > > MarkM > markm@freebsd.org > 20th Sept 1997 > > > I'm guessing the README is a bit out-of-date... Yes, the USA changed the export restrictions and we're able to export =20 crypto code to the world. > The HANDBOOK suggests more needs to be obtained from the > security/heimdal port. The port allows you to add support for LDAP, cracklib and builds X11 =20 tools if desired. > I see all the libraries in /usr/lib etc., so which is it... do we have > a full install as a part of 6.1 or is the security/heimdal still needed > to bring it up to speed. If you don't need the above menioned features, you don't need to =20 install the port. Bye, Alexander. --=20 Selling GoodYear Eagle F1 235/40ZR18, 2x 4mm + 2x 5mm, ~150 EUR you have to pick it up between Germany/Saarland and Luxembourg/Capellen http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID =3D B0063FE7 http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID =3D 72077137