[15481] in Athena Bugs
leash 1.3 on WNT-- tickets not destroyed
daemon@ATHENA.MIT.EDU (David Woodruff, MIT Lab for Nuclea)
Thu Sep 11 11:12:42 1997
Date: Thu, 11 Sep 1997 11:12:06 -0400
From: "David Woodruff, MIT Lab for Nuclear Science" <DSW@mitlns.mit.edu>
To: bugs@MIT.EDU
Cc: DSW@mitlns.mit.edu
Hi,
We have installed leash and hostexplorer on Windows NT 4.0 (Service Pack 3),
and we found an unexpected behavior ('bug').
I logged on, got my kerberos tgt and a few others logging into other machines.
Then I logged off, and my friend logged on. After he logged on we found that
my tickets had not been destroyed when I logged off, and they were available
for his use. As a consequence when he used hostexplorer to connect to
irene.mit.edu, a VMS machine in our lab that runs MULTINET kerberos client,
he was immediately connected into MY account without being asked for username
and password.
So each of us using the WindowsNT machine must learn to actively destroy
our tickets before logging out. This is basically unacceptable, since we
may not always remember to do this. And what happens when we have to explain
it to the lab secretaries?...
Thanks for any help,
David S. Woodruff
VMS systems and applications
MIT Lab for Nuclear Science
