[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Kerberos, again

Brian May <bam@snoopy.apana.org.au> writes:
> - Coding standards in MIT's implementation are sloppy, if not
> dangerously insecure. Perhaps this has already been fixed in the latest
> version, but last I looked (version 1.0.5 I think), the ftpd daemon
> ..
> I asked about another problem on comp.protocols.kerberos (is that
> correct?) where the command line for rsh is always transmitted

It's probably a mistake to judge the coding standards for Kerberos by the
legacy BSD applications included in the distribution. programs like rsh,
rlogind, and to a lesser degree ftpd, were just hacks on an existing codebase
from Berkely.

> What is the best way to deal with multiple versions of telnet, rsh,
> etc?
> telnet is easy, just conflict with telnet and telnetd packages, I think
> would be sufficient. However, rsh is in netbase (or has that changed
> now)?

In the existing Kerberos 4 based on KTH kerberos I just used program-transform
to prefix everything with a k. Alternatively if they could be made
alternatives. I urge packages _not_ to use diversions for this, diversions
because a pain if there's more than two packages involved.


Reply to: