[889] in Release_7.7_team


Re: why we should document forwardable tickets

daemon@ATHENA.MIT.EDU (Craig Fields)
Thu Mar 6 16:36:24 1997

Date: Thu, 6 Mar 1997 21:36:20 GMT
From: Craig Fields <cfields@MIT.EDU>
To: ghudson@MIT.EDU
Cc: mbarker@MIT.EDU, release-team@MIT.EDU

> If I can modify your dotfiles, I can be you.

How effective this is really depends on the attacker's goals.

For example, if my goal is simply to cause trouble by impersonating
you over zephyr, this is made far easier with forwardable K5 tickets
than K4 tickets. It could still be done in various ways with K4
tickets, but would require considerably more work. Using the K5
tickets would require no work to speak of.

On the other hand, if it is to read mail from your homedir, it doesn't
make a lot of difference.

I don't believe that the ability to modify a user's dotfiles levels
the complexity of all of the interesting attacks one might want to
make, so I think documenting this is a worthwhile thing. Furthermore,
I believe that an extra reminder to users that they shouldn't be
leaving their workstations unattended in this way is no bad thing
either.

Craig
