On Fri, 2011-05-27 at 19:21 +0200, Martin Kosek wrote:
> On Fri, 2011-05-27 at 11:10 -0400, Rob Crittenden wrote:
> > Martin Kosek wrote:
> > > On Mon, 2011-05-16 at 17:46 -0400, Rob Crittenden wrote:
> > >> Add option to limit the attributes allowed in an entry.
> > >>
> > >> Kerberos ticket polic
Martin Kosek wrote:
On Fri, 2011-05-27 at 11:10 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-05-16 at 17:46 -0400, Rob Crittenden wrote:
Add option to limit the attributes allowed in an entry.
Kerberos ticket policy can update policy in a user entry. This allowed
set/addattr
On Fri, 2011-05-27 at 11:10 -0400, Rob Crittenden wrote:
> Martin Kosek wrote:
> > On Mon, 2011-05-16 at 17:46 -0400, Rob Crittenden wrote:
> >> Add option to limit the attributes allowed in an entry.
> >>
> >> Kerberos ticket policy can update policy in a user entry. This allowed
> >> set/addattr
Martin Kosek wrote:
On Mon, 2011-05-16 at 17:46 -0400, Rob Crittenden wrote:
Add option to limit the attributes allowed in an entry.
Kerberos ticket policy can update policy in a user entry. This allowed
set/addattr to be used to modify attributes outside of the ticket policy
perview, also bypa
On Mon, 2011-05-16 at 17:46 -0400, Rob Crittenden wrote:
> Add option to limit the attributes allowed in an entry.
>
> Kerberos ticket policy can update policy in a user entry. This allowed
> set/addattr to be used to modify attributes outside of the ticket policy
> perview, also bypassing all v
