[2987] in Kerberos


ksu

daemon@ATHENA.MIT.EDU (Derek Atkins)
Wed Jan 26 16:42:52 1994

To: Scott Dawson <sdawson@engin.umich.edu>
Cc: sdawson@engin.umich.edu, kerberos@MIT.EDU
In-Reply-To: [2985] in Kerberos
Date: Wed, 26 Jan 94 16:11:25 EST
From: Derek Atkins <warlord@MIT.EDU>

Hi.

There are two holes that I know of in ksu.  The first is that if there
is no rcmd ticket, a successful root ticket will let you in, and
second, it is possible to spoof a principal and rcmd ticket, and it
will let you in.  I know of no patches for these holes.

The second attack is slightly more difficult than the first.

-derek

