some comments from Love

author Ken Raeburn <raeburn@mit.edu>

Mon, 4 Aug 2008 21:39:10 +0000 (21:39 +0000)

committer Ken Raeburn <raeburn@mit.edu>

Mon, 4 Aug 2008 21:39:10 +0000 (21:39 +0000)
author Ken Raeburn <raeburn@mit.edu>
Mon, 4 Aug 2008 21:39:10 +0000 (21:39 +0000)
committer Ken Raeburn <raeburn@mit.edu>
Mon, 4 Aug 2008 21:39:10 +0000 (21:39 +0000)
diff --git a/doc/iprop-notes.txt b/doc/iprop-notes.txt

index 890efdc1e9f4e9c5b25b5f40474a6611c1afdc70..8efee36f6610d33489385ba204f77b5eb2e1c53e 100644 (file)
--- a/doc/iprop-notes.txt
+++ b/doc/iprop-notes.txt
@@ -126,3 +126,15 @@ it in debug mode ("-d").  You'll still lose all output from the
  invocation of kdb5_util dump and kprop run out of kadmind.
  
  Other man page updates needed: Anything with new -x options.
+
+Comments from lha:
+
+Verify both client and server are demanding privacy from RPC.
+
+Authorization code in check_iprop_rpcsec_auth is weird.  Check realm
+checking, is it trusting the client realm length?
+
+What will happen if my realm is named "A" and I can get a cross realm
+(though multihop) to ATHENA.MIT.EDU's iprop server?
+
+Why is the ACL not applied before we get to the functions themselves?
author	Ken Raeburn <raeburn@mit.edu>
	Mon, 4 Aug 2008 21:39:10 +0000 (21:39 +0000)
committer	Ken Raeburn <raeburn@mit.edu>
	Mon, 4 Aug 2008 21:39:10 +0000 (21:39 +0000)