[2422] in Kerberos-V5-bugs
krb5-appl/167: krshd requires home directory
daemon@ATHENA.MIT.EDU (tlyu@MIT.EDU)
Thu Nov 7 19:38:29 1996
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: krb5-unassigned@RT-11.MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, tlyu@MIT.EDU
Date: Thu, 7 Nov 1996 19:37:10 -0500
From: tlyu@MIT.EDU
Reply-To: tlyu@MIT.EDU
To: krb5-bugs@MIT.EDU
>Number: 167
>Category: krb5-appl
>Synopsis: krshd requires home directory
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Thu Nov 07 19:38:01 EST 1996
>Last-Modified:
>Originator: Tom Yu
>Organization:
mit
>Release: 1.0-development
>Environment:
System: SunOS tesla-coil 5.4 Generic_101945-37 sun4m sparc
>Description:
If you try to use krsh while your home directory is not there,
it won't let you in. Whether or not this is a bug is a matter of
perspective. For example, in the Athena environment, this is a
definite disadvantage, i.e. you can't do "rsh remhost
/bin/athena/attach $USER" anymore. Note that telnetd doesn't bother
checking whether the home directory isn't attached.
Note that any discussion on this bug also applies to pending/155,
which is Matt Power's observation about the possibility that using a
user's home directory for .k5login files may be a security hole.
>How-To-Repeat:
Attempt to execute a command using krsh while your homedir
isn't there.
>Fix:
>Audit-Trail:
>Unformatted:
