tech-security: kerberos

Subject: kerberos
To: None <tech-security@netbsd.org>
From: Hubert Feyrer <feyrer@rfhs8012.fh-regensburg.de>
List: tech-security
Date: 07/16/2000 16:28:29

  by mail.netbsd.org with SMTP; 16 Jul 2000 14:28:29 -0000
	by rfhs8012.fh-regensburg.de (8.10.1/8.10.1) with ESMTP id e6GERo315267
	for <tech-security@netbsd.org>; Sun, 16 Jul 2000 16:27:50 +0200 (MET DST)
Date: Sun, 16 Jul 2000 16:28:29 +0200 (MET DST)
From: Hubert Feyrer <feyrer@rfhs8012.fh-regensburg.de>
Reply-To: hubert.feyrer@informatik.fh-regensburg.de
To: tech-security@netbsd.org
Subject: kerberos
Message-ID: <Pine.GSO.4.10.10007161626160.11355-100000@rfhpc8320.fh-regensburg.de>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

it seems the latest 1.5_ALPHA i386 snapshot still has problems with the
built in kerberos - i've been told you can't change passwords with "passwd
someuser". 

Can we resolve this somehow, please? Either 

 * make the kerberos code inactive until it's really configured (isn't
   that our policy?) or

 * don't build in kerberos by default. 

Given that most people don't need kerberos, forcing users to either
configure it or work around it seems suboptimal to me.

 - Hubert

-- 
NetBSD - because Unix isn't just #include <linux.h>, i386, ILP32, ELF, ...!