MIT krb5, telnetd, PAM, incorrect permissions on forwarded tickets
Tillman Hodgson
tillman at seekingfire.com
Thu Dec 4 05:55:17 PST 2003
I'm trying over here since I didn't have any luck fishing in ports@ :-)
I've since found the parts of the MIT login.krb5 that chown the
forwarded ticket file. That was nice to know to not really relevent :-)
I understand that there's a race condition when having root chown a file
in /tmp to a user (symlinks being the obvious attack path). There are
ways around that, though, so I don't believe the change that I'm looking
for leads to a security problem if handled carefully.
-T
--
All programs evolve until they can send email.
- A.S.R. quote (Richard Letts)
Except Microsoft Exchange.
- A.S.R. quote (Art)
-------------- next part --------------
An embedded message was scrubbed...
From: Tillman Hodgson <tillman at seekingfire.com>
Subject: MIT krb5, telnetd, PAM, incorrect permissions on forwarded tickets
Date: Wed, 3 Dec 2003 11:33:19 -0600
Size: 2991
Url: http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20031204/eeb7bde9/attachment.eml
More information about the freebsd-questions
mailing list