Re: ITP: openafs-krb5, openafs-ptutil - packages needed for openafs to be useful
On Thu, Dec 07, 2000 at 10:31:36AM -0500, Sam Hartman wrote:
> The default way of setting up an AFS cell involves opening your system
> up such that any user who can send UDP packets to your system can
> execute arbitrary commands as root while the database is being
> created. This fails to meet my personal security standards or those
> of Debian. So, I packaged up pt_util, a program that creates the
> protection database without requiring the sysadmin to configure in a
> remote root hole. Pt_util is a local MIT utility and really does not
> have a public upstream source, although it is likely to be available
> in the future. There is an upstream maintainer who I have coordinated
> with. It is released under the MIT license.
Is this disableable in the openafs packages, or at least, does it
scream loudly?
Dan
/--------------------------------\ /--------------------------------\
| Daniel Jacobowitz |__| SCS Class of 2002 |
| Debian GNU/Linux Developer __ Carnegie Mellon University |
| dan@debian.org | | dmj+@andrew.cmu.edu |
\--------------------------------/ \--------------------------------/
Reply to: