MIT Krb5 + SELinux
Jerome Walter
walter+kerberos at efrei.fr
Wed Apr 14 20:15:52 EDT 2004
On Wed, Apr 14, 2004 at 12:02:46PM -0400, Sam Hartman wrote:
> I cannot think of anything that Kerberos applications need other than
> network and urandom.
That's perfect.
> You probably want to make it difficult for either the KDC or the
> kadmind to execute other programs or switch domains to limit the
> efficacy of a compromise.
Difficult is not enough ;) Yes, for now, I created 3 different contexts,
for kdc, kadmind and kerberos applications. The restriction is fairly
strict and a compromised kdc should not mean the possibility to get a root
privilege, nor change any passwords in the realm.
Now, I have to find an exploit in the kdc to test if I am right ;).
Jerome
--
-+-- Jerome Walter - EFREI p2004 ----+-
Mail *is* private