From owner-freebsd-current@FreeBSD.ORG  Mon May  5 13:01:25 2003
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id A815837B405; Mon,  5 May 2003 13:01:25 -0700 (PDT)
Received: from ion.gank.org (ion.gank.org [198.78.66.164])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 2964743F93; Mon,  5 May 2003 13:01:18 -0700 (PDT)
	(envelope-from craig@xfoil.gank.org)
Received: from localhost (ion.gank.org [198.78.66.164])
	by ion.gank.org (GankMail) with ESMTP
	id 470B82CFCA; Mon,  5 May 2003 15:01:17 -0500 (CDT)
Received: from ion.gank.org ([198.78.66.164])
 by localhost (ion.gank.org [198.78.66.164]) (amavisd-new, port 10024)
 with LMTP id 90114-02-4; Mon,  5 May 2003 15:01:16 -0500 (CDT)
Received: from owen1492.uf.corelab.com (pix.corelab.com [12.45.169.2])
	by ion.gank.org (GankMail) with ESMTP
	id 82FD82BBB7; Mon,  5 May 2003 15:01:16 -0500 (CDT)
From: Craig Boston <craig@xfoil.gank.org>
To: current@freebsd.org
In-Reply-To: <1052164783.38008.37.camel@owen1492.uf.corelab.com>
References: <200305050845.h458j38c069038@grimreaper.grondar.org>
	 <20030505121050.GC21530@madman.celabo.org>
	 <20030505052615.R2996@znfgre.qbhto.arg>
	 <200305051950.h45Jo5Pu026249@khavrinen.lcs.mit.edu>
	 <1052164783.38008.37.camel@owen1492.uf.corelab.com>
Content-Type: text/plain
Organization: 
Message-Id: <1052164876.38008.40.camel@owen1492.uf.corelab.com>
Mime-Version: 1.0
X-Mailer: Ximian Evolution 1.2.4 
Date: 05 May 2003 15:01:16 -0500
Content-Transfer-Encoding: 7bit
Subject: Re: HEADS UP! Kerberos5/Heimdal now default!
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 05 May 2003 20:01:26 -0000

Man, I am losing my mind today.  Please disregard, stable -- meant to
send to current@

Sorry for the noise

On Mon, 2003-05-05 at 14:59, Craig Boston wrote:
> Sorry for the dupe Garrett, forgot to copy the list......
> 
> > What ``extremely colorful history of ... vulnerabilities''?  I can
> > think of no more than five times I've had to rebuild my KDC in six
> > years.
> 
> ...and nearly every security advisory I've seen for Kerberos 5 in the
> last year or two was actually for the Kerberos 4 compatibility code. 
> One of the reasons I always build the port with "KRB5_KRB4_COMPAT=NO".
> 
> The only exception I can think of at the moment was the XDR/RPC buffer
> overflow, which hit a LOT of software.
> 
> Craig