| commit | 6043cc8c88a7faf20e16176bd9982356fa4b3d24 | |
| author | Jeffrey Altman <jaltman@secure-endpoints.com> | |
| Mon, 16 Mar 2015 15:47:16 +0000 (16 10:47 -0500) | ||
| committer | Nicolas Williams <nico@cryptonector.com> | |
| Mon, 16 Mar 2015 15:47:16 +0000 (16 10:47 -0500) | ||
| tree | b475b0a73863223296ede7c8c78e131f93877a1c | treesnapshot (tar.gz zip) |
| parent | 9fbbc4cf85e2069193d538aa04387eda4c6367a8 | commitdiff |
kadmind: check for KADM5_PRIV_GET when op GET
When performing a permission check for a GET operation the
KADM5_PRIV_GET_KEYS privilege should not be assumed to be a pure
superset of KADM5_PRIV_GET. If the "get" permission is denied the
user cannot get an entry with or without key data.
When performing a permission check for a GET operation the
KADM5_PRIV_GET_KEYS privilege should not be assumed to be a pure
superset of KADM5_PRIV_GET. If the "get" permission is denied the
user cannot get an entry with or without key data.
| kadmin/server.c | diffblobblamehistory |