[346] in Kerberos
Re: converting a hostname into its realm
daemon@TELECOM.MIT.EDU (John T Kohl)
Mon Apr 4 14:46:56 1988
From: John T Kohl <jtkohl@ATHENA.MIT.EDU>
To: davy@INTREPID.ECN.PURDUE.EDU
Cc: John T Kohl <jtkohl@ATHENA.MIT.EDU>, kerberos@ATHENA.MIT.EDU
In-Reply-To: Dave Curry's message of Mon, 04 Apr 88 13:27:42 EST,
   From: davy@intrepid.ecn.purdue.edu (Dave Curry)
   Date: Mon, 04 Apr 88 13:27:42 EST

   It should be reasonably easy to make the file un-prone to spoofing.
   (No symbolic links, link count = 1, correct owner and mode, you could
   even store a checksum in the binary and update it like "ps" updates
   itself, if you had to.)

It's probably even easier than that. Currently the /etc/krb.conf file
is trusted; theoretically an attack there would be just as damaging as
an attack on a translation table in some other file.
John
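
The file checks listed in the quoted message (no symbolic link, link count = 1, correct owner and mode), sketched in C as an added example that is not code from this thread or from Kerberos. The function and constant names are hypothetical, and checking the opened descriptor with fstat() rather than the path is an assumption of this example.

```c
#define _POSIX_C_SOURCE 200809L   /* O_NOFOLLOW, mkdtemp */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Rejection reasons (names are hypothetical, made up for this example). */
enum { TF_OK = 0, TF_OPEN = 1, TF_NOTREG = 2, TF_LINKS = 4, TF_OWNER = 8, TF_MODE = 16 };

/* Open path read-only, refusing a symlink as the last component, then vet the
 * object actually opened. Returns TF_OK and sets *fd_out, or a mask of TF_*. */
int open_trusted(const char *path, uid_t owner, int *fd_out) {
    struct stat st;
    int bad = TF_OK, fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0) return TF_OPEN;
    if (fstat(fd, &st) != 0) { close(fd); return TF_OPEN; }
    if (!S_ISREG(st.st_mode)) bad |= TF_NOTREG;           /* plain file only */
    if (st.st_nlink != 1) bad |= TF_LINKS;                /* link count = 1 */
    if (st.st_uid != owner) bad |= TF_OWNER;              /* correct owner */
    if (st.st_mode & (S_IWGRP | S_IWOTH)) bad |= TF_MODE; /* not group/world-writable */
    if (bad) { close(fd); return bad; }
    *fd_out = fd;
    return TF_OK;
}

/* Constructed test cases in a scratch directory: 0 clean file, 1 symlink to it,
 * 2 extra hard link, 3 world-writable, 4 wrong owner. Returns the verdict. */
int demo(int which) {
    char dir[] = "/tmp/trustXXXXXX", f[64], l[64];
    int fd, r = -1;
    if (!mkdtemp(dir)) return -1;
    snprintf(f, sizeof f, "%s/krb.conf", dir);
    snprintf(l, sizeof l, "%s/alias", dir);
    if ((fd = open(f, O_WRONLY | O_CREAT | O_EXCL, 0600)) >= 0) {
        close(fd); fd = -1;
        if (chmod(f, which == 3 ? 0666 : 0644) == 0 &&
            (which != 1 || symlink(f, l) == 0) && (which != 2 || link(f, l) == 0))
            r = open_trusted(which == 1 ? l : f, geteuid() + (which == 4), &fd);
        if (fd >= 0) close(fd);
    }
    unlink(l); unlink(f); rmdir(dir);
    return r;
}

int main(void) {
    for (int i = 0; i < 5; i++) printf("case %d -> %d\n", i, demo(i));
    return 0;
}
```

These checks cover only the file itself; the ownership and mode of the directories above it are outside what this example verifies.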