Re: protocol question
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Thu Jan 16 16:47:45 1992
Date: Thu, 16 Jan 92 16:01:51 -0500
From: tytso@Athena.MIT.EDU (Theodore Ts'o)
To: marantz@cs.rutgers.edu
Cc: kerberos@Athena.MIT.EDU
In-Reply-To: marantz@cs.rutgers.edu's message of Thu, 16 Jan 92 12:22:20 EST,
Reply-To: tytso@Athena.MIT.EDU

Date: Thu, 16 Jan 92 12:22:20 EST
From: marantz@cs.rutgers.edu

I thought (now I see that isn't default, I'd need to set
ENC-TKT-IN-SKEY) that I could get the reply (or at least a part of it)
encrypted in my key which a bogus TGS shouldn't know. [If it does
know my key then I'm lost anyway] I'd use the encrypted stuff to
verify the TGS to me and then be able to believe the ticket for the
user.

No, the problem is this: how does the pwauthd know that it's been
encrypted in "your key"? All it can tell is whether or not it's been
encrypted in the password which some entity has typed into the login
screen. If the attacker controls what's being typed into your keyboard
and what the bogus TGS sends, he/she will be able to log in to your system.
Now, if your system is a public workstation a la Project Athena, where
the root password is public knowledge and anyone could throw the power
switch and boot in single user mode anyway, this may not be a big deal.
However, if this login program is running on your master source machine
or some other machine which has important information on its local hard
disks, you don't want to do this. It is a very bad idea.
- Ted
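As an added example, not part of Ted's reply and not code from any Kerberos implementation: a small Python simulation of the two login checks the message contrasts. The "naive" login accepts the KDC reply as soon as it decrypts under the typed password, which a bogus KDC can satisfy for any password the attacker types; the "verified" login additionally asks for a ticket for the workstation's own host principal and checks it with the key held locally in the keytab, which a bogus KDC cannot forge. The principal names, the HMAC-based stand-in for Kerberos encryption, the `SimKDC` class and the key-derivation function are all constructed for this illustration.

```python
import hashlib
import hmac
import json
import os

TAG_LEN = 32

# Constructed name for the workstation's own service principal (assumption).
HOST_PRINCIPAL = "host/ws.example.com"


def derive_key(password: str) -> bytes:
    """Stand-in for Kerberos string-to-key; plain SHA-256 for the simulation."""
    return hashlib.sha256(password.encode()).digest()


def seal(key: bytes, obj: dict) -> bytes:
    """Toy 'encryption': payload followed by an HMAC tag.

    Only a holder of `key` can produce a tag that verifies, which is the
    property the argument in the mail depends on (confidentiality is not
    modelled; the tag alone carries the point).
    """
    payload = json.dumps(obj, sort_keys=True).encode()
    return payload + hmac.new(key, payload, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes):
    """Return the payload if the tag verifies under `key`, else None."""
    payload, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return json.loads(payload)


class SimKDC:
    """Simulated KDC holding a principal -> key table (constructed)."""

    def __init__(self, keys: dict):
        self.keys = keys

    def issue(self, client: str, service: str) -> bytes:
        """Reply sealed under the client's key, carrying a session key and a
        ticket for `service` sealed under the service's key."""
        session_key = os.urandom(16).hex()
        # A KDC that does not hold the service's key can only guess one;
        # this is exactly what the bogus TGS in the mail is reduced to.
        service_key = self.keys.get(service, os.urandom(32))
        client_key = self.keys.get(client, os.urandom(32))
        ticket = seal(service_key, {"client": client, "session_key": session_key})
        return seal(client_key, {"session_key": session_key, "ticket": ticket.hex()})


def naive_login(kdc: SimKDC, user: str, typed_password: str) -> bool:
    """The check the mail warns about: 'does the reply decrypt under the
    password that was typed?' Anything typed by the attacker qualifies."""
    reply = unseal(derive_key(typed_password), kdc.issue(user, HOST_PRINCIPAL))
    return reply is not None


def verified_login(kdc: SimKDC, user: str, typed_password: str, host_key: bytes) -> bool:
    """Same as above, plus: the ticket for our own host principal must verify
    under the key in the local keytab and must name the user who logged in."""
    reply = unseal(derive_key(typed_password), kdc.issue(user, HOST_PRINCIPAL))
    if reply is None:
        return False
    ticket = unseal(host_key, bytes.fromhex(reply["ticket"]))
    return (
        ticket is not None
        and ticket["client"] == user
        and ticket["session_key"] == reply["session_key"]
    )


# Constructed setup: the workstation's keytab entry, a real KDC that knows it,
# and a bogus KDC that knows only the attacker's own password.
HOST_KEY = os.urandom(32)
REAL_KDC = SimKDC({"alice": derive_key("alice-pass"), HOST_PRINCIPAL: HOST_KEY})
BOGUS_KDC = SimKDC({"mallory": derive_key("mallory-pass")})


def demo() -> dict:
    """Outcome of each check against the real and the bogus KDC."""
    return {
        "naive_real": naive_login(REAL_KDC, "alice", "alice-pass"),
        "naive_wrong_password": naive_login(REAL_KDC, "alice", "not-her-pass"),
        "naive_bogus": naive_login(BOGUS_KDC, "mallory", "mallory-pass"),
        "verified_real": verified_login(REAL_KDC, "alice", "alice-pass", HOST_KEY),
        "verified_bogus": verified_login(BOGUS_KDC, "mallory", "mallory-pass", HOST_KEY),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

The `naive_bogus` case is the one Ted describes: the reply checks out under the typed password because the same party chose both. The `verified_bogus` case fails because the bogus KDC never held `HOST_KEY`, so the host ticket it fabricates does not verify against the keytab; this is why a login program on a machine with sensitive local data needs a secret of its own to check the KDC against, not just the user's password.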