[OpenAFS-devel] Exact meaning of ViceId in VIOCSETTOK?

Volker.Lendecke@SerNet.DE Volker.Lendecke@SerNet.DE
Fri, 23 Jan 2004 09:13:43 +0100


Hi!

As you might have seen I'm developing the fake-kaserver support in Samba.
Samba creates the AFS token itself once it has found that the user has
proved its identity.

In the VIOCSETTOK pioctl I've followed the comment in auth/ktc.c:328 that
ct.ViceId = getuid(); is an acceptable choice for the ClearToken. I currently
only have a single cell, so to me that seems ok.

Now I want to extend this to write a substitution for klog using winbind
authentication. This means that I would like to contact winbind with user/pw
via /tmp/.winbindd/pipe. Winbind then authenticates the user, creates the
token and hands it to the contacting program via that pipe.

This means that the process doing the actual VIOCSETTOK would be
non-privileged and could set the fields in the ClearTok structure itself. To
make sure this is ok I tried to follow the usage path of the ViceId and the
other fields, but I failed to find the exact usage of the fields in the
client. My interpretation is that in viced/host.c the MapName_r creates the
vid field by asking the ptserver, so to me it seems that ct.ViceId is not
really security-sensitive.

So my question: Where in the client is ViceId really used?

Thanks,

Volker
