Steve == Steve Langasek [EMAIL PROTECTED] writes:
Steve Package: krb5-config Version: 1.17 Severity: minor
Steve The krb5-config package chooses a default value for the
Steve host's default realm based on the output of the
Steve dnsdomainname command.
Steve This is not
Russ == Russ Allbery [EMAIL PROTECTED] writes:
Russ SRV records can pose similar problems, but people don't seem
Russ as worried about them. I'm not sure if that's because the
Russ analysis of what an attacker can do with a SRV record is
Russ less confusing or just because SRV
Package: krb5-config
Version: 1.17
Severity: minor
The krb5-config package chooses a default value for the host's default realm
based on the output of the dnsdomainname command.
This is not always the correct value.
http://tools.ietf.org/id/draft-ietf-krb-wg-krb-dns-locate-02.txt, which
AIUI is
Steve Langasek [EMAIL PROTECTED] writes:
Of course, I've also never seen MIT KRB5 respect these TXT records, so
perhaps there's a good reason not to use them that I'm unaware of; but
they are still mentioned in the documentation from krb5 1.4.4.
Support for TXT records to do realm mapping is
4 matches
Mail list logo