Date: Tue, 4 Feb 2003 18:47:52 -0800 From: Avleen Vig <lists-freebsd@silverwraith.com> To: freebsd-security@freebsd.org Subject: Re: krb5-realm.com Message-ID: <20030205024752.GD37185@silverwraith.com>
next in thread | raw e-mail | index | archive | help
On Mon, Feb 03, 2003 at 03:34:12AM -0800, Jacques A. Vidrine wrote: > > isnt it a bad thing if every sshd on the world ends up contacting > > krb5-realm.com by default? is this also true for newer versions of > > sshd > > (with kerberos disabled)? i mean it may make the owners of > > krb5-realm.com powerful beings. sounds a bit .NET to me. > > Well it could conceivably cause breakage (as described), but nothing > worse. The krb5-realm.com domain administrator cannot possibly > leverage the situation in order to subvert authentication. And for what it is worth, neither would I want to :-) As I said in an earlier email, I do my best to make sure the NS is availible at all times. Unfortuantely sometimes outages happen and they cannot be avoided. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030205024752.GD37185>