Does anyone knows if this is a known problem? Am I misinterpreting the RFC?
Thanks, Gabriel ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Del Blanco Gabriel-AGD019 Sent: Wednesday, August 01, 2007 9:01 AM To: [email protected] Subject: Cloned users can be used before changing keys I am using Net-SNMP 5.3.0.1 and I noticed that I can clone a user from a template user with security level authpriv and start using it immediately, with the template user pass phrases. This seems to be against the RFC 3414 (Section 5), which requests the usmUserStatus of a cloned user to remain in "notReady" until the keys are changed: "usmUserStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row. Until instances of all corresponding columns are appropriately configured, the value of the corresponding instance of the usmUserStatus column is 'notReady'. In particular, a newly created row for a user who employs authentication, cannot be made active until the corresponding usmUserCloneFrom and usmUserAuthKeyChange have been set. Further, a newly created row for a user who also employs privacy, cannot be made active until the usmUserPrivKeyChange has been set." Is this a bug from Net-SNMP? Any idea of how to solve it? Thanks, Gabriel -- Gabriel Sebastián del Blanco -- Motorola Software Group ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Net-snmp-coders mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
