

Re: Kerberos Ldap Integration

daemon@ATHENA.MIT.EDU (Sebastian Hanigk)
Tue Jun 10 16:14:28 2008

From: Sebastian Hanigk <hanigk@in.tum.de>
Date: Tue, 10 Jun 2008 18:37:52 +0200
Message-ID: <g2mal0$5pf$1@news.lrz-muenchen.de>
Mime-Version: 1.0
X-Complaints-To: newsmaster@lrz-muenchen.de
Mail-Copies-To: never
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

"Eric Hill" <eric@ijack.net> writes:

> What you are trying to prevent is a root user on system A accessing
> user data on system B without knowing the users' credentials.  This is
> precisely what Kerberos prevents.  System B will not accept inbound
> sessions without a Kerberos ticket, and it is impossible for a root
> user on system A to gain a TGT for the user without knowing the users'
> credentials.

Not true in general. The superuser often has the capability to read the
user's credential cache (be it a plain file or something memory-based)
and could therefore impersonate the respective user - if a valid ticket
has already been acquired by the user.


Sebastian
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
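The exposure Sebastian describes, as an added example that is not part of the original post: a small Python audit tool that inventories a Kerberos FILE credential cache (version 4 layout, big-endian fields), reporting the default principal and each cached ticket's service and expiry, next to which uid could read the file at all. The ccache bytes it parses are constructed inline (principal `alice@EXAMPLE.ORG`, an all-zero session key, a five-byte stand-in for the DER ticket), and the DAC check ignores group bits; both are assumptions of this example, not anything from the thread. Run as uid 0 the report is produced whatever the file's mode, which is the reply's point; on a host where root has been compromised, the same inventory tells an incident responder whose tickets were reachable and until when.

```python
import os
import stat
import struct
import tempfile
from datetime import datetime, timezone

# --- big-endian field readers for the version 4 FILE ccache layout ---
def _u16(buf, off):
    return struct.unpack_from(">H", buf, off)[0], off + 2

def _u32(buf, off):
    return struct.unpack_from(">I", buf, off)[0], off + 4

def _data(buf, off):
    # counted byte string: 32-bit length, then that many bytes
    n, off = _u32(buf, off)
    return buf[off:off + n], off + n

def _principal(buf, off):
    # name_type, component count, realm, then each name component
    _name_type, off = _u32(buf, off)
    ncomp, off = _u32(buf, off)
    realm, off = _data(buf, off)
    comps = []
    for _ in range(ncomp):
        c, off = _data(buf, off)
        comps.append(c.decode())
    return "/".join(comps) + "@" + realm.decode(), off

def parse_ccache(buf):
    """Return (default_principal, [credential dicts]) from v4 ccache bytes."""
    if buf[:2] != b"\x05\x04":
        raise ValueError("only version 4 FILE ccaches are handled here")
    hlen, off = _u16(buf, 2)
    off += hlen                                  # skip header tags (KDC time offset)
    default, off = _principal(buf, off)
    creds = []
    while off < len(buf):
        client, off = _principal(buf, off)
        server, off = _principal(buf, off)
        _etype, off = _u16(buf, off)
        _key, off = _data(buf, off)              # session key is in the file; not reported
        _auth, _start, endtime, _renew = struct.unpack_from(">IIII", buf, off)
        off += 16 + 1                            # four times, then is_skey byte
        _flags, off = _u32(buf, off)
        naddr, off = _u32(buf, off)
        for _ in range(naddr):
            _, off = _data(buf, off + 2)         # 16-bit addrtype, counted data
        nauth, off = _u32(buf, off)
        for _ in range(nauth):
            _, off = _data(buf, off + 2)         # 16-bit ad_type, counted data
        ticket, off = _data(buf, off)
        _second, off = _data(buf, off)
        creds.append({"client": client, "server": server,
                      "endtime": endtime, "ticket_bytes": len(ticket)})
    return default, creds

def readable_by(st_mode, st_uid, uid):
    """Simplified POSIX DAC outcome for a read (group bits ignored).
    uid 0 bypasses the mode bits entirely, which is the reply's point."""
    if uid == 0:
        return True
    if uid == st_uid:
        return bool(st_mode & stat.S_IRUSR)
    return bool(st_mode & stat.S_IROTH)

def describe_ccache(path, as_uid):
    """Audit one ccache file: owner, mode, whether as_uid could read it,
    and (if readable) whose tickets it holds and when they expire."""
    st = os.stat(path)
    info = {"path": path, "owner_uid": st.st_uid, "mode": stat.filemode(st.st_mode),
            "readable": readable_by(st.st_mode, st.st_uid, as_uid)}
    if info["readable"]:
        with open(path, "rb") as f:
            default, creds = parse_ccache(f.read())
        info["principal"] = default
        info["tickets"] = [(c["server"],
                            datetime.fromtimestamp(c["endtime"], timezone.utc).isoformat())
                           for c in creds]
    return info

# --- constructed sample cache (assumed values; not captured from a real host) ---
def _enc_data(b):
    return struct.pack(">I", len(b)) + b

def _enc_principal(name, realm):
    comps = name.split("/")
    out = struct.pack(">II", 1, len(comps)) + _enc_data(realm.encode())
    return out + b"".join(_enc_data(c.encode()) for c in comps)

def build_sample_ccache(user="alice", realm="EXAMPLE.ORG", endtime=1213128000):
    hdr = struct.pack(">HHII", 1, 8, 0, 0)                   # tag 1: DeltaTime 0s/0us
    buf = b"\x05\x04" + struct.pack(">H", len(hdr)) + hdr
    buf += _enc_principal(user, realm)                       # default principal
    buf += _enc_principal(user, realm)                       # credential: client
    buf += _enc_principal("krbtgt/" + realm, realm)          # credential: server (a TGT)
    buf += struct.pack(">H", 18) + _enc_data(b"\x00" * 32)   # enctype 18, all-zero dummy key
    buf += struct.pack(">IIII", endtime - 36000, endtime - 36000, endtime, 0)
    buf += b"\x00" + struct.pack(">I", 0x40e00000)           # is_skey, ticket flags
    buf += struct.pack(">II", 0, 0)                          # no addresses, no authdata
    buf += _enc_data(b"\x30\x03\x02\x01\x05")                # stand-in for the DER ticket
    buf += _enc_data(b"")                                    # no second ticket
    return buf

def write_sample_ccache(mode=0o600):
    """Write the constructed cache to a temp dir with the usual krb5cc_<uid> name."""
    path = os.path.join(tempfile.mkdtemp(), "krb5cc_1000")
    with open(path, "wb") as f:
        f.write(build_sample_ccache())
    os.chmod(path, mode)
    return path

if __name__ == "__main__":
    path = write_sample_ccache()
    for uid in (os.getuid(), 0, 65534):
        print(uid, describe_ccache(path, uid))
```

The parser stops at the default principal and the ticket metadata on purpose; the session key and ticket bytes are read past but never exposed, since the audit question is only "whose tickets sat in a file root could read, and until when".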
