kinit issue

prashant  sodhiya
Hi,
  In MIT Kerberos, a "kinit" creates a credential file in /tmp, which is a world-writable directory.

$ ls  -l  /
        drwxrwxrwt   9 bin      bin            3584 Aug 30 15:07 tmp

I feel it can lead to a Denial of Service attack if some other user can create a credential file with the same name as that of a valid Kerberos user.
Is it true in MIT Kerberos? How is it handled in MIT Kerberos?
Please give some insight into it.

Thanks and regards
Prashant
________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos
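
An added example, not part of the original post and not MIT Kerberos code: a defender-side audit of a cache directory for the situation the post asks about, a credential file sitting under a user's cache name without belonging to that user. It assumes the default FILE cache naming /tmp/krb5cc_<uid>; the function names and the demo directory are constructed for illustration.

```python
import os
import re
import stat
import tempfile

CCACHE_RE = re.compile(r"^krb5cc_(\d+)$")  # assumption: default FILE cache naming

def audit_ccache_dir(directory="/tmp"):
    """Return (path, problem) findings for entries named like credential caches."""
    findings = []
    dir_mode = os.stat(directory).st_mode
    # World-writable without the sticky bit lets any user remove others' files.
    if dir_mode & stat.S_IWOTH and not dir_mode & stat.S_ISVTX:
        findings.append((directory, "world-writable without sticky bit"))
    for name in sorted(os.listdir(directory)):
        m = CCACHE_RE.match(name)
        if not m:
            continue
        path = os.path.join(directory, name)
        st = os.lstat(path)  # lstat: inspect the entry itself, not a link target
        if not stat.S_ISREG(st.st_mode):
            findings.append((path, "not a regular file"))
            continue
        if st.st_uid != int(m.group(1)):
            findings.append((path, "owner uid %d does not match name" % st.st_uid))
        if stat.S_IMODE(st.st_mode) & 0o077:
            findings.append((path, "accessible by group or other"))
    return findings

def demo():
    """Constructed directory: one well-formed cache name, two suspicious ones."""
    me = os.getuid()
    d = tempfile.mkdtemp()
    os.chmod(d, 0o1777)  # drwxrwxrwt, as in the listing in the post
    for uid in (me, me + 1):  # the second file is pre-created under another uid's name
        p = os.path.join(d, "krb5cc_%d" % uid)
        open(p, "w").close()
        os.chmod(p, 0o600)
    # A symlink planted under a third uid's cache name.
    os.symlink(os.path.join(d, "elsewhere"), os.path.join(d, "krb5cc_%d" % (me + 2)))
    return d, audit_ccache_dir(d)

if __name__ == "__main__":
    for path, problem in demo()[1]:
        print(path, "-", problem)
```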