Can anyone tell me how to destroy a token from a program (like unlog); don't
tell me to exec unlog since (a) unlog doesn't appear to exist in the Alpha
OSF1 beta kit and (b) I don't want the overhead of execing a process.
We can create tokens by getting an MIT kerberos ticket and using ktc_SetToken;
this we worked out from looking at aklog source. We could set up a user
"nobody" and use that token when we want the process to be unprivileged, but
that means that we'll be in the group system:authuser, not system:anyuser, as
we really want. Maybe we could ktc_SetToken with zero lifetime? But we'd
rather do it properly.
Is Transarc going to actually document the ktc_ routines some sunny day?
Peter Lister Email: [EMAIL PROTECTED]
Computer Centre, Cranfield University Voice: +44 234 754200 ext 2828
Cranfield, Bedfordshire MK43 0AL UK Fax: +44 234 750875
--- 3-1, 2-1, 1-1. Probability factor of 1 to 1. We have normality. ---
