[1825] in Kerberos-V5-bugs
Re: krb5_sname_to_principal comments lie
daemon@ATHENA.MIT.EDU (Sam Hartman)
Thu Feb 29 17:22:09 1996
To: eichin@cygnus.com
Cc: jhawk@MIT.EDU, krb5-bugs@MIT.EDU
From: hartmans@MIT.EDU (Sam Hartman)
Date: 29 Feb 1996 17:20:15 -0500
In-Reply-To: eichin@cygnus.com's message of Thu, 29 Feb 1996 14:25:24 -0500
>>>>> "eichin" == eichin <eichin@cygnus.com> writes:
eichin> Presumably the vendors that have something like
eichin> /etc/nsswitch.conf and use "hosts,bind" will find the
eichin> /etc/hosts entry before even consulting the bind
eichin> resolver... it might be good to write a test case for
eichin> this; the alternative is adding an explicit config file
eichin> for "real hostname" :-)
I fail to see how failing to find your hostname on a properly
configured system creates more than a denial of service attack. If
you have untrusted keys in /etc/v5srvtab, you are asking for trouble.
The interesting case in my mind is with mutual authentication
when DNS is consulted for access to a remote system.
On a side note, I'll be writing up a formal spec (to go into
the docs) for the proposed API to do sname_to_princ for IP addresses
and posting that to krbdev soon. It doesn't really effect this issue
other than doing one more DNS query that we can't trust, but do anyway.
--Sam
