Date: Mon, 11 Mar 1996 08:43:29 +0200 From: Mark Murray <mark@grondar.za> To: Adam David <adam@veda.is> Cc: mark@grondar.za (Mark Murray), freebsd-current@freebsd.org Subject: Re: HEADS UP! Please check... Message-ID: <199603110643.IAA02287@grumble.grondar.za>
next in thread | raw e-mail | index | archive | help
Adam David wrote: > > No. tell it not to use kerberos with `su -K'. > > Yes, I have been doing that. It was just a surprise to see the change in this > behaviour for the case without the -K. I would expect it to ask for a normal > password when kerberos is present but not available (for whatever reason). Or > is this considered a security feature, to require non-kerberos handling to be > explicitly requested?... but in that case why did the previous version ask fo r > the password twice at all? The original Kerberos intgration was done in a bit of a hurry :-). If you have the pre-change code, have a look at it. There is one major call to Kerberos in main(), and it was squeezed in with a minimum of integration effort. If that call fails (for whatever reason), the code drops through to the original logic. This call was "wrapped" around the original logic, and had its own password prompt, resulting in the possibility of two prompts. M -- Mark Murray 46 Harvey Rd, Claremont, Cape Town 7700, South Africa +27 21 61-3768 GMT+0200 Finger mark@grondar.za for PGP key
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199603110643.IAA02287>