Date: Wed, 23 Oct 1996 09:30:02 -0700 (PDT) From: Garrett Wollman <wollman@lcs.mit.edu> To: freebsd-bugs Subject: Re: conf/972 Message-ID: <199610231630.JAA25163@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR conf/972; it has been noted by GNATS. From: Garrett Wollman <wollman@lcs.mit.edu> To: "Marc G. Fournier" <scrappy@freefall.freebsd.org> Cc: freebsd-gnats-submit@freefall.freebsd.org Subject: Re: conf/972 Date: Wed, 23 Oct 1996 12:20:00 -0400 <<On Tue, 22 Oct 1996 14:37:58 -0700 (PDT), "Marc G. Fournier" <scrappy@freefall.freebsd.org> said: > Basically, since Kerberos isn't distributed on the CD, Originator > suggests commenting out the appropriate entries in /etc/inetd.conf > Are there any reasons, security or otherwise, where leaving them > enabled is a bad thing? Yes. If they are enabled, than a Kerberized host attempting to talk to a non-Kerberized host will see `krlogin' succeed and then immediately drop, rather than failing (the correct behavior). Thus, the automatic fallback does not work in this case. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, ANA, or NSA| - Susan Aglukark and Chad Irschick
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610231630.JAA25163>