Re: [Freeipa-devel] [DESIGN] IPA permission enforcement in Dogtag

2017-02-07 Thread Jan Cholasta
On 8.2.2017 08:06, Fraser Tweedale wrote: On Wed, Feb 08, 2017 at 08:02:18AM +0100, Jan Cholasta wrote: On 8.2.2017 07:29, Fraser Tweedale wrote: On Mon, Feb 06, 2017 at 10:24:31AM +0100, Jan Cholasta wrote: On 17.1.2017 08:57, David Kupka wrote: On 13/01/17 08:07, Fraser Tweedale wrote: Rel

Re: [Freeipa-devel] [DESIGN] IPA permission enforcement in Dogtag

2017-02-07 Thread Fraser Tweedale
On Wed, Feb 08, 2017 at 08:02:18AM +0100, Jan Cholasta wrote:
> On 8.2.2017 07:29, Fraser Tweedale wrote:
> > On Mon, Feb 06, 2017 at 10:24:31AM +0100, Jan Cholasta wrote:
> > > On 17.1.2017 08:57, David Kupka wrote:
> > > > On 13/01/17 08:07, Fraser Tweedale wrote:
> > > > > Related to design:
> >

Re: [Freeipa-devel] [DESIGN] IPA permission enforcement in Dogtag

2017-02-07 Thread Jan Cholasta
On 8.2.2017 07:29, Fraser Tweedale wrote: On Mon, Feb 06, 2017 at 10:24:31AM +0100, Jan Cholasta wrote: On 17.1.2017 08:57, David Kupka wrote: On 13/01/17 08:07, Fraser Tweedale wrote: Related to design: http://www.freeipa.org/page/V4/Dogtag_GSS-API_Authentication Currently there are some ope

Re: [Freeipa-devel] [DESIGN] IPA permission enforcement in Dogtag

2017-02-07 Thread Fraser Tweedale
On Mon, Feb 06, 2017 at 10:24:31AM +0100, Jan Cholasta wrote:
> On 17.1.2017 08:57, David Kupka wrote:
> > On 13/01/17 08:07, Fraser Tweedale wrote:
> > > Related to design:
> > > http://www.freeipa.org/page/V4/Dogtag_GSS-API_Authentication
> > >
> > > Currently there are some operations that hit

Re: [Freeipa-devel] [DESIGN] IPA permission enforcement in Dogtag

2017-02-06 Thread Jan Cholasta
On 17.1.2017 08:57, David Kupka wrote: On 13/01/17 08:07, Fraser Tweedale wrote: Related to design: http://www.freeipa.org/page/V4/Dogtag_GSS-API_Authentication Currently there are some operations that hit the CA that involve a number of privileged operations against the CA, but for which there

Re: [Freeipa-devel] [DESIGN] IPA permission enforcement in Dogtag

2017-01-16 Thread David Kupka
On 13/01/17 08:07, Fraser Tweedale wrote: Related to design: http://www.freeipa.org/page/V4/Dogtag_GSS-API_Authentication Currently there are some operations that hit the CA that involve a number of privileged operations against the CA, but for which there is only one associated IPA permission.

[Freeipa-devel] [DESIGN] IPA permission enforcement in Dogtag

2017-01-12 Thread Fraser Tweedale
Related to design: http://www.freeipa.org/page/V4/Dogtag_GSS-API_Authentication Currently there are some operations that hit the CA that involve a number of privileged operations against the CA, but for which there is only one associated IPA permission. Deleting a CA is a good example (but it is