Mats Erik Andersson <[email protected]> writes: > onsdag den 8 augusti 2012 klockan 12:39 skrev Simon Josefsson detta: >> Mats Erik Andersson <[email protected]> writes: >> >> Thank you! Patch applied. >> >> > * No falling back to other authentication types, as this would >> > consitute a security breach in itself. >> >> I think you refer to the case where there is no .k5login file. I recall >> that MIT/Heimdal fall back on a strcmp-like approach in this situation, >> doesn't it? If the file doesn't exist, I think the semantics in >> MIT/Heimdal is that if your principal matches the username, you are let >> in. Please check this and followup. > > My preferred interpretation is that > > shishi_authorize_p (h, "k5login"); > > should only set authorization type "k5login", nothing more, nothing less. > Allowing the fall back is equivalent to make the above call be equal to > > shishi_authorize_p (h, "k5login basic"); > > I find it important to be able to enforce a distinction here.
Good point, I agree. It feels a bit awkward for every application to provide the "k5login basic" string though. What if we want to introduce something new by default in the future? Maybe there should be a "default" authorization string that maps to (currently) "k5login basic". Then most applications could use that, and we'd be more future safe. Thoughts? /Simon _______________________________________________ Help-shishi mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-shishi
