[1753] in Kerberos-V5-bugs


Re: cache file bug

daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Thu Dec 21 18:49:33 1995

Date: Thu, 21 Dec 1995 18:49:28 -0500
From: Theodore Ts'o <tytso@MIT.EDU>
To: Andrew Gross <grossa@SDSC.EDU>
Cc: krb5-bugs@MIT.EDU
In-Reply-To: "[1750] in Kerberos-V5-bugs"

   From: Andrew Gross <grossa@SDSC.EDU>
   Date: Wed, 20 Dec 95 02:06:37 PST

      I think that adding O_EXCL to the FCC_OPEN_AND_ERASE option of
   krb5_fcc_open_file() (fcc_maybe.c) will take care of the problem.
   The corresponding change will be needed in krb5_scc_open_file().

It turns out to be very hard to do this in scc_open_file(), since
there's no exclusive open using the stdio abstractions.  I did put in an
unlink() of data->filename, which makes it much harder for such an
attack to win.  (Basically, the attacker has to hit a race window, which
is better than nothing.)

						- Ted
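The point Ted and Andrew are arguing over is the difference between an exclusive create and an unlink()-then-create sequence. The example below is added here to make that concrete; it is not code from this message or from the MIT krb5 sources, and the function names, the cache and victim paths, and the scenario setup are all constructed for illustration. It shows three things: an O_CREAT|O_EXCL open(2) refusing a path where an attacker has planted a symlink, the unlink()-then-fopen() sequence from the message still being beaten when the symlink is replanted inside the window, and (an approach the message does not mention, assumed here as a standard POSIX idiom) getting a stdio FILE* from an exclusively opened descriptor via fdopen(3).

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Exclusive create. With O_CREAT|O_EXCL the open fails with EEXIST if
 * anything already occupies the path, including a symlink (even a dangling
 * one), so a planted link is never followed. Mode 0600: a credential cache
 * is owner-only. (Hypothetical name; not a krb5 function.) */
int open_cache_exclusive(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* The stdio-style sequence described in the message: unlink() the path, then
 * fopen() it for writing. fopen("w") has no exclusive mode, so an attacker
 * who recreates the path between the two calls still wins. */
FILE *open_cache_stdio_unlink_first(const char *path)
{
    (void)unlink(path);
    return fopen(path, "w");
}

/* Closes the window for stdio callers too: exclusive open(2), then wrap the
 * descriptor with fdopen(3). fdopen does not reopen the path, so no symlink
 * can be substituted after the check. */
FILE *open_cache_stdio_exclusive(const char *path)
{
    int fd = open_cache_exclusive(path);
    if (fd < 0)
        return NULL;
    FILE *fp = fdopen(fd, "w");
    if (fp == NULL)
        close(fd);
    return fp;
}

/* Scenario 1 (constructed): the attacker has already planted a symlink from
 * the cache path to a victim file. Returns the errno the exclusive open
 * fails with (expected EEXIST), 0 if it unexpectedly succeeded, -1 on setup
 * failure. */
int demo_exclusive_blocks_symlink(const char *cache, const char *victim)
{
    (void)unlink(cache);
    if (symlink(victim, cache) != 0)
        return -1;
    int fd = open_cache_exclusive(cache);
    int err = (fd < 0) ? errno : 0;
    if (fd >= 0)
        close(fd);
    (void)unlink(cache);
    return err;
}

/* Scenario 2 (constructed): the attacker wins the race against the
 * unlink()-then-fopen() sequence, i.e. the symlink is planted after the
 * unlink and before the fopen. Returns 1 if the victim file was truncated
 * through the link, 0 if it survived, -1 on setup failure. */
int demo_stdio_race_lost(const char *cache, const char *victim)
{
    FILE *v = fopen(victim, "w");           /* victim with known contents */
    if (v == NULL)
        return -1;
    fputs("victim data\n", v);
    fclose(v);

    (void)unlink(cache);                    /* the mitigation from the message */
    if (symlink(victim, cache) != 0)        /* attacker lands inside the window */
        return -1;
    FILE *fp = fopen(cache, "w");           /* follows the link, truncates victim */
    if (fp != NULL)
        fclose(fp);

    struct stat st;
    int truncated = (stat(victim, &st) == 0 && st.st_size == 0) ? 1 : 0;
    (void)unlink(cache);
    (void)unlink(victim);
    return truncated;
}

int main(void)
{
    int e = demo_exclusive_blocks_symlink("/tmp/krb5cc_excl_demo", "/tmp/krb5cc_excl_victim");
    printf("O_EXCL open on planted symlink: %s\n", e == EEXIST ? "refused (EEXIST)" : strerror(e));
    int t = demo_stdio_race_lost("/tmp/krb5cc_stdio_demo", "/tmp/krb5cc_stdio_victim");
    printf("unlink()+fopen() with symlink replanted in the window: victim %s\n",
           t == 1 ? "truncated" : "intact");
    return 0;
}
```

The unlink() does what Ted says it does: it turns a deterministic win into a race the attacker must time. Whether the cache library can use the O_EXCL path depends on whether it holds a descriptor or a FILE*, which is exactly the constraint the message describes for scc_open_file().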
