Date: 05 May 2003 15:01:16 -0500 From: Craig Boston <craig@xfoil.gank.org> To: current@freebsd.org Subject: Re: HEADS UP! Kerberos5/Heimdal now default! Message-ID: <1052164876.38008.40.camel@owen1492.uf.corelab.com> In-Reply-To: <1052164783.38008.37.camel@owen1492.uf.corelab.com> References: <200305050845.h458j38c069038@grimreaper.grondar.org> <20030505121050.GC21530@madman.celabo.org> <20030505052615.R2996@znfgre.qbhto.arg> <200305051950.h45Jo5Pu026249@khavrinen.lcs.mit.edu> <1052164783.38008.37.camel@owen1492.uf.corelab.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Man, I am losing my mind today. Please disregard, stable -- meant to send to current@ Sorry for the noise On Mon, 2003-05-05 at 14:59, Craig Boston wrote: > Sorry for the dupe Garrett, forgot to copy the list...... > > > What ``extremely colorful history of ... vulnerabilities''? I can > > think of no more than five times I've had to rebuild my KDC in six > > years. > > ...and nearly every security advisory I've seen for Kerberos 5 in the > last year or two was actually for the Kerberos 4 compatibility code. > One of the reasons I always build the port with "KRB5_KRB4_COMPAT=NO". > > The only exception I can think of at the moment was the XDR/RPC buffer > overflow, which hit a LOT of software. > > Craig
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1052164876.38008.40.camel>