[24553] in Kerberos
kinit issue
daemon@ATHENA.MIT.EDU (prashant sodhiya)
Tue Aug 30 15:32:41 2005
Date: 30 Aug 2005 13:55:03 -0000
Message-ID: <20050830135503.18806.qmail@webmail50.rediffmail.com>
MIME-Version: 1.0
From: "prashant sodhiya" <prashant_sodhiya@rediffmail.com>
To: Kerberos@mit.edu
Content-Type: text/plain;
charset=iso-8859-1
Content-Disposition: inline
Reply-To: prashant sodhiya <prashant_sodhiya@rediffmail.com>
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hi,
In MIT kerberos a "kinit" creates a credential file in /tmp, which is a world-writable directory.
$ ls -l /
drwxrwxrwt 9 bin bin 3584 Aug 30 15:07 tmp
I feel it can lead to Denial of Service attack if some other user can create a credential file as that of a valid kerberos user.
Is it true in MIT kerberos?.How it handled in MIT Kerberos?
Pls give some insights into it.
thnx n regards
Prashant
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos