I'm pleased to announce release 0.6 of wallet. This is beta-quality
software and should be treated with caution. It is currently being tested
for production deployment at Stanford.

The wallet is a system for managing secure data, authorization rules to
retrieve or change that data, and audit rules for documenting actions
taken on that data. Objects of various types may be stored in the wallet
or generated on request and retrieved by authorized users. The wallet
tracks ACLs, metadata, and trace information. It is built on top of the
remctl protocol and uses Kerberos GSS-API authentication. One of the
object types it supports is Kerberos keytabs, making it suitable as a
user-accessible front-end to Kerberos kadmind with richer ACL and metadata
operations.

Changes from previous release:

SECURITY: If -f is used and the output file name with ".new" appended
already exists, unlink it first and then create it safely rather than
truncating it. This is much safer when creating files in a
world-writable directory.

The wallet client can now get the server, port, principal, and remctl
type from krb5.conf as well as from compile-time defaults and
command-line options.

When getting a keytab with the client with no -f option, correctly
write the keytab to standard output rather than dying with a cryptic
error.

When downloading a keytab to a file that already exists, merge the new
keytab keys into that file rather than moving aside the old keytab and
creating a new keytab with only the new keys.

The wallet client now supports a -u option, saying to obtain Kerberos
credentials for the given user and use those for authentication rather
than using an existing ticket cache.

Add a wallet-admin program which can initialize and destroy the
database and list all objects and ACLs in the database.

Support enforcing a naming policy for wallet objects via a Perl
function in the wallet server configuration file.

The build system now probes for GSS-API, Kerberos v5 and v4, and AFS
libraries as necessary rather than hard-coding libraries. Building
on systems without strong shared library dependencies and building
against static libraries should now work.

Building kasetkey (for AFS kaserver synchronization) is now optional
and not enabled by default. Pass --with-afs to configure to enable
it. This allows wallet to be easily built in an environment without
AFS.

Add a sample script (contrib/wallet-report) showing one way of
reporting on the contents of the wallet database. This will
eventually become more general.

You can download it from:



Please let me know of any problems or feature requests not already listed
in the TODO file.

--
Russ Allbery (rra@stanford.edu)
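
The SECURITY change above (unlink an existing ".new" file and create it safely rather than truncating it), sketched as an added C example. This is not wallet's own code; the function names, file names and /tmp demo directory are constructed for illustration.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700 /* for mkdtemp() and symlink() */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Before: if "file.new" is a symlink someone else planted, open() follows
 * it and O_TRUNC empties whatever file it points to. */
int open_new_truncate(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* After: unlink() removes the name itself (never a symlink's target), and
 * O_EXCL makes open() fail if anything reappears at that name meanwhile. */
int open_new_safely(const char *path)
{
    if (unlink(path) < 0 && errno != ENOENT)
        return -1;
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Constructed scenario: plant out.new as a symlink to an 8-byte "victim"
 * file, open out.new with the given opener, return the victim's size. */
long victim_size_after(int (*opener)(const char *))
{
    char dir[] = "/tmp/wallet-demo-XXXXXX", victim[64], tmp[64];
    struct stat st;
    long size = -1;
    int fd;
    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(victim, sizeof(victim), "%s/victim", dir);
    snprintf(tmp, sizeof(tmp), "%s/out.new", dir);
    fd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd >= 0 && write(fd, "precious", 8) == 8 && close(fd) == 0
        && symlink(victim, tmp) == 0) {
        fd = opener(tmp);
        if (fd >= 0)
            close(fd);
        if (stat(victim, &st) == 0)
            size = (long) st.st_size;
    }
    unlink(tmp); unlink(victim); rmdir(dir);
    return size;
}
```

victim_size_after(open_new_truncate) returns 0 because the symlink target was emptied; victim_size_after(open_new_safely) returns 8 because only the symlink was removed.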