[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: API differences between Heimdal and MIT
Juha Jäykkä <firstname.lastname@example.org> writes:
> I understand your view, but cannot agree. If match_local_principals()
> succeeds I think there is no reason to block the user just because
> .k5login is *inaccesible* (if it's empty, but readable, I agree: block the
You can't have both. Suppose I can trick your fileservers to be
unavailable for a some time -- it's then possible to login even though
I'm not allowed to.
Maybe this should be configurable.