Re: Major security-hole in kerberos rsh, rcp and rlogin.

Jeff Polk (polk@BSDI.COM)
Fri, 07 Nov 1997 09:25:57 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Aaron Schultz: "Outdated DNS and syslog"
Previous message: Kurt Seifried: "Re: WARNING: Linux Intel Pentium Bug"

> just a note...
> it appears the bsdi version of su uses kerbose tickets if kerbose is
> configured.

Yes, but the BSDI kerberosIV implementation does not appear to
have the problem (the tf_init() routine which opens the ticket
file checks to see that the real uid of the process is either
root or owns the ticket file).

Jeff

-- /\ Jeff Polk Berkeley Software Design, Inc. (BSDI) /\/ \ polk@BSDI.COM 5575 Tech Center Dr. #110, Colo Spgs, CO 80919 / \ \ Voice: 719-260-8114 http://www.BSDI.COM/people/polk

For years, we thought that a million monkeys sitting at a million keyboards would produce the complete works of Shakespeare. Today, thanks to the Internet, we know that's not true.

Next message: Aaron Schultz: "Outdated DNS and syslog"
Previous message: Kurt Seifried: "Re: WARNING: Linux Intel Pentium Bug"