[1437] in SIPB-AFS-requests
Weird Shit in the sipb pts database
daemon@ATHENA.MIT.EDU (Marc Horowitz)
Thu Jun 23 22:11:15 1994
To: sipb-afsreq@MIT.EDU
Cc: probe@MIT.EDU, jis@MIT.EDU
Date: Thu, 23 Jun 94 22:10:23 EDT
From: Marc Horowitz <marc@MIT.EDU>
You know the interrealm support in the newer ptservers? This stuff:
<103> w20-575-53:~> pts ex system:authuser@andrew.cmu.edu -c athena
Name: system:authuser@andrew.cmu.edu, id: -97536, owner: system:administrators,creator: probe.root,
membership: 5, flags: S-M--, group quota: 25.
<105> w20-575-53:~> pts mem system:authuser@andrew.cmu.edu -c athena
Members of system:authuser@andrew.cmu.edu (id: -97536) are:
wally@andrew.cmu.edu
dl2n@andrew.cmu.edu
fl0p@andrew.cmu.edu
db74@andrew.cmu.edu
jd5u+@andrew.cmu.edu
Well, if you create system:authuser@lcs.mit.edu (or any other realm,
existent or not, it seems), then *anyone*, authenticated or not, can
create entries for *anyone* in that realm. Watch carefully:
<131> w20-575-53:~> unlog
<132> w20-575-53:~> pts createu bogon@andrew.cmu.edu -c sipb
libprot: Unknown code ktc 3 (11862787) Could not get afs tokens, running unauthenticated.
User bogon@andrew.cmu.edu has id 268435469
<133> w20-575-53:~> pts ex bogon@andrew.cmu.edu -c sipb
libprot: Unknown code ktc 3 (11862787) Could not get afs tokens, running unauthenticated.
Name: bogon@andrew.cmu.edu, id: 268435469, owner: system:administrators, creator: anonymous,
membership: 1, flags: S----, group quota: 0.
Kinda cool, eh? This should get fixed.
Marc
