I don't think you want to give Alice your credentials in this case. What you want to do is associated an ACL on your files/directories which provide Alice permissions to access them in the methods you wish to permit.
Jeffrey Altman [EMAIL PROTECTED] wrote: > Hi, > > I am wondering if I can do the following in Kerberos (any flavours). > > I am a user of some realm. I have a friend Alice who is not a user of > my realm nor is a user of any other Kerberos realm. > > How can I give access to Alice to some of the files stored on a > Kerberized file server? > > In otherwords can I somehow delegate my permissions (token) to Alice so > that she can use that token to authenticate with the server. I don't > want to do proxy delegation since I don't want Alice to act on my > behalf. > > I was thinking that it might be possible in Public key based Kerberos > PKDA or PKINIT. > > I browsed for a while but could not find any document that said that in > Kerberos a user can delegate his/her token to another user. Any > pointers? > > PS: Is public key based Kerberos used in practice? > > Thanks. > ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
