@bbockelm commented on this pull request.

In src/XrdHttp/XrdHttpProtocol.cc:

>  
+  // If we could not find anything good, take the last 8 non-space characters of the main subject
+  if (!SecEntity.name) {
+    size_t j = 8;
+    SecEntity.name = strdup("unknown-\0"); // note it's 9 chars

Is it safe to automatically assign names here (and above)?

Recall that parts of the DN are user-controlled ... not sure if a clever user could control their mapped name.

What if an admin wants a dedicated "unmapped" account when the user is not in the gridmap?


You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.

[ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/pull/1224#pullrequestreview-436694247", "url": "https://github.com/xrootd/xrootd/pull/1224#pullrequestreview-436694247", "name": "View Pull Request" }, "description": "View this Pull Request on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1