In MIT kerberos a "kinit" creates a credential file in /tmp, which is a world-writable directory.
$ ls -l /
drwxrwxrwt 9 bin bin 3584 Aug 30 15:07 tmp
I feel it can lead to Denial of Service attack if some other user can create a credential file as that of a valid kerberos user.
Is it true in MIT kerberos?.How it handled in MIT Kerberos?
Pls give some insights into it.