gssproxy

Clone
Source Code
GIT

a28a79a Carefully process desired name based on service

Authored and Committed by simo 11 years ago
raw patch tree parent
3 files changed. 36 lines added. 39 lines removed.
proxy/src/gp_creds.c
file modified
+31 -14
proxy/src/gp_rpc_acquire_cred.c
file modified
+4 -24
proxy/src/gp_rpc_creds.h
file modified
+1 -1 
    Carefully process desired name based on service
    
    In case the name type is GSS_C_NT_STRING_UID_NAME or GSS_NT_MACHINE_UID_NAME
    we want to be able to impersonate the user referenced by the uid.
    
    This is allowed exclusively for trusted services otherwise a generic
    unprivileged application would be allowed to impersonate any user if there are
    credentials available on the system or client keytabs installed.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>
    Reviewed-by: Günther Deschner <gdeschner@redhat.com>
file modified
+31 -14
file modified
+4 -24
file modified
+1 -1
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.