Solaris ssh pam_krb

Nicolas Williams Nicolas.Williams at sun.com
Fri Mar 31 18:42:53 EST 2006


On Fri, Mar 31, 2006 at 06:29:57PM -0500, Ken Hornstein wrote:
> >> I agree that you can design a user-land scheme that's a lot better than
> >> a simple file, but there are enough tools available for grovelling through
> >> a user-level daemon's memory that I would prefer to have something better.
> >> Again, it's not 100%, but it's all a matter of degree.
> >
> >One tool name: DTrace.
> >
> >Ok, two: kmdb.
> >
> >Well, let's make it three and stop there: Xen.
> >
> >Sorry, I don't buy this line of argument.
> 
> I guess I don't follow you (and isn't Xen a virtual machine?  How does
> that apply?).

You said "but there are enough tools available for grovelling through a
user-level daemon's memory that I would prefer to have something
better," which I took to mean that you think that kernel memory is
somehow not subject to such tools.  Well, that's not so (let's not
discuss TCG/TPMs here).

>                I did say "matter of degree".  Sure, you can look through
> the whole kernel, and tools exist to do that today; but it's a harder
> task than looking through one process.  (I don't seem to have kmdb or
> Dtrace on any Solaris systems here; I don't know if they cost extra,
> but if an attacker would need those tools, they'd be out of luck here,
> assuming they didn't get a license from someone else).

DTrace and [k]mdb come with Solaris 10, they cost nothing extra, and
they use basic facilities that any all-privileged user-land application
can also use.

> Anyway, I guess we're not going to agree on this one.

Guess not :/
