[24554] in Kerberos

home help back first fref pref prev next nref lref last post

kinit issue

daemon@ATHENA.MIT.EDU (prashant sodhiya)
Tue Aug 30 15:32:42 2005

Date: 30 Aug 2005 13:55:32 -0000
Message-ID: <20050830135532.15402.qmail@webmail10.rediffmail.com>
MIME-Version: 1.0
From: "prashant  sodhiya" <prashant_sodhiya@rediffmail.com>
To: Kerberos@mit.edu
Content-Type: text/plain;
	charset=iso-8859-1
Content-Disposition: inline
cc: prashant_sodhiya@rediffmail.com
Reply-To: prashant  sodhiya <prashant_sodhiya@rediffmail.com>
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit

Hi,
  In MIT kerberos  a "kinit" creates  a credential file in /tmp, which is a world-writable directory.

$ ls  -l  /
	drwxrwxrwt   9 bin      bin            3584 Aug 30 15:07 tmp

I feel it can lead to Denial of Service attack if some other user can create a credential file as that of a valid kerberos user.
Is it  true in MIT kerberos?.How it handled in MIT Kerberos?
Pls give some insights into it.

thnx n regards
Prashant
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

home help back first fref pref prev next nref lref last post