[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ITP: openafs-krb5, openafs-ptutil - packages needed for openafs to be useful

On Thu, Dec 07, 2000 at 10:31:36AM -0500, Sam Hartman wrote:
> The default way of setting up an AFS cell involves opening your system
> up such that any user who can send UDP packets to your system can
> execute arbitrary commands as root while the database is being
> created.  This fails to meet my personal security standards or those
> of Debian.  So, I packaged up pt_util, a program that creates the
> protection database without requiring the sysadmin to configure in a
> remote root hole.  Pt_util is a local MIT utility and really does not
> have a public upstream source, although it is likely to be available
> in the future.  There is an upstream maintainer who I have coordinated
> with.  It is released under the MIT license.

Is this disableable in the openafs packages, or at least, does it
scream loudly?

Dan

/--------------------------------\  /--------------------------------\
|       Daniel Jacobowitz        |__|        SCS Class of 2002       |
|   Debian GNU/Linux Developer    __    Carnegie Mellon University   |
|         dan@debian.org         |  |       dmj+@andrew.cmu.edu      |
\--------------------------------/  \--------------------------------/
Reply to: