[886] in Release_7.7_team
Re: why we should document forwardable tickets
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Mar 6 15:30:59 1997
To: Craig Fields <cfields@MIT.EDU>
Cc: ghudson@MIT.EDU, mbarker@MIT.EDU, release-team@MIT.EDU
In-Reply-To: Your message of "Thu, 06 Mar 1997 20:26:24 GMT."
<199703062026.UAA02856@mad-scientist.MIT.EDU>
Date: Thu, 06 Mar 1997 15:30:52 EST
From: Greg Hudson <ghudson@MIT.EDU>
> Baloney. Exploiting the forwardable K5 tickets requires much less
> knowledge and skill than exploiting K4 tickets.
I think you overestimate how much skill is required to get AFS tokens
with a copied set of Kerberos tickets:
small-gods% rcp -x /tmp/tkt_ghudson_null pyramids:/tmp/tkt_ghudson_null
small-gods% rlogin pyramids
Warning: No Kerberos tickets obtained.
Athena Workstation (INDY) Version 8.0J Mon Jan 13 16:38:38 EST 1997
pyramids% aklog sipb athena dev
pyramids% tokens
Tokens held by the Cache Manager:
User's (AFS ID 3622) tokens for afs@dev.mit.edu [Expires Mar 7 01:25]
User's (AFS ID 3622) tokens for afs@athena.mit.edu [Expires Mar 7 01:25]
User's (AFS ID 3622) tokens for afs@sipb.mit.edu [Expires Mar 7 01:25]
--End of list--
pyramids% touch foo
pyramids% rm foo
