On Apr 7, 2004, at 12:41 PM, Jeffrey Hutzelman wrote:
This property is not new with krb5. It follows directly from the UNIX security architecture.
If you do not trust the people who have privileged access to your machine, then you have already lost.
I wonder how "capability" based OS'es might change that interaction (I've wondered about how kerberos might function in a capability environment in the past, but haven't been sure how to approach it ... and that goes for AFS as well).
_______________________________________________ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
