From Fedora Project Wiki

No edit summary
No edit summary
Line 10: Line 10:


I'm not sure it's an appropriate level of detail, but what I was referring to was gssd. Right now, it does something terrible: it trolls through /tmp looking for files that match krb5cc_UID* and then tests each one that it is capable of opening to see if it has live credentials. With the move to /run/user, gssd no longer will need to do this. It will instead be able to know with absolute certainty which credential cache it is supposed to be using. -- [[User:Sgallagh|Sgallagh]] 12:15, 19 March 2012 (UTC)
I'm not sure it's an appropriate level of detail, but what I was referring to was gssd. Right now, it does something terrible: it trolls through /tmp looking for files that match krb5cc_UID* and then tests each one that it is capable of opening to see if it has live credentials. With the move to /run/user, gssd no longer will need to do this. It will instead be able to know with absolute certainty which credential cache it is supposed to be using. -- [[User:Sgallagh|Sgallagh]] 12:15, 19 March 2012 (UTC)
== Inflexible Policy ==
"The most noticable effect will be that credential caches will not survive a reboot (this is a security enhancement, preventing a stolen system from being accessed for still-valid credentials)."
A major new features in Kerberos 5 is the support for renewable tickets along with a maximum renewable lifetime. These are controlled by the administrator of the KDC. By deleting the credentials cache on reboot you have killed a major feature of Kerberos 5 and have enforced your own judgement and policy choice as superior of the KDC admin of a site. I disagree with cache not surviving a reboot. --[[User:Dkelson|Dkelson]] 21:15, 10 April 2012 (UTC)

Revision as of 21:15, 10 April 2012

Would it make sense to create a #define that sets the ccache format so that if this ever changes again all that would be required is a respin (assuming all packages use that define)?

selinux

No mention of selinux dependencies? --Ktdreyer 02:47, 24 February 2012 (UTC)


"...and simplify locating the caches for NFSv4." This seems not to be explained in the feature page.--Mitr 12:12, 19 March 2012 (UTC)

I'm not sure it's an appropriate level of detail, but what I was referring to was gssd. Right now, it does something terrible: it trolls through /tmp looking for files that match krb5cc_UID* and then tests each one that it is capable of opening to see if it has live credentials. With the move to /run/user, gssd no longer will need to do this. It will instead be able to know with absolute certainty which credential cache it is supposed to be using. -- Sgallagh 12:15, 19 March 2012 (UTC)

Inflexible Policy

"The most noticable effect will be that credential caches will not survive a reboot (this is a security enhancement, preventing a stolen system from being accessed for still-valid credentials)."

A major new features in Kerberos 5 is the support for renewable tickets along with a maximum renewable lifetime. These are controlled by the administrator of the KDC. By deleting the credentials cache on reboot you have killed a major feature of Kerberos 5 and have enforced your own judgement and policy choice as superior of the KDC admin of a site. I disagree with cache not surviving a reboot. --Dkelson 21:15, 10 April 2012 (UTC)