Solaris ssh pam_krb

[Nicolas Williams]

On Fri, Mar 31, 2006 at 05:17:10PM -0500, Ken Hornstein wrote:
> >Which attacks are we talking about?  Attacks on the /tmp/krb5cc_<uid>
> >scheme?  Yes, that's weak.  But it is absolutely not the case that all
> >user-land schemes are inherently subject to that sort of attack; in
> >fact, modern architectures and operating systems provide lots of
> >facilities, beginning with MMUs and virtual memory, and including lots
> >of access controls.
> 
> I agree that you can design a user-land scheme that's a lot better than
> a simple file, but there are enough tools available for grovelling through
> a user-level daemon's memory that I would prefer to have something better.
> Again, it's not 100%, but it's all a matter of degree.

One tool name: DTrace.

Ok, two: kmdb.

Well, let's make it three and stop there: Xen.

Sorry, I don't buy this line of argument.

Nico
--