Kerberos Ldap Integration
Derek Harkness
dharknes at umd.umich.edu
Mon Jun 16 10:40:46 EDT 2008
True, I was going with the case of a lab of single person workstations
in which no other creds would exist on the system. So root wouldn't
be able to establish the creds.
In the other case stealing the creds as root is certainly more
difficult than accidental usage of root privileges. Again going with
the lab problem posted here.
Derek
On Jun 10, 2008, at 9:37 AM, Sebastian Hanigk wrote:
> "Eric Hill" <eric at ijack.net> writes:
>
>> What you are trying to prevent is a root user on system A accessing
>> user data on system B without knowing the users' credentials. This is
>> precisely what Kerberos prevents. System B will not accept inbound
>> sessions without a Kerberos ticket, and it is impossible for a root
>> user on system A to gain a TGT for the user without knowing the users'
>> credentials.
>
> Not true in general. The superuser has often the capability to read the
> user's credential cache (be it a plain file or something memory based)
> and could therefore impersonate the respective user - if already a valid
> ticket has been acquired by the user.
>
>
> Sebastian
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
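As an added example (not part of the thread, and not MIT Kerberos project code), the following shell functions audit a directory of MIT-style FILE: credential caches (the default names are `krb5cc_<uid>` under `/tmp`; the directory argument and the `exposed_ccaches` / `count_exposed` names are this example's own) and list any cache readable by group or others. It addresses the narrower exposure of caches to other unprivileged users on a shared host; as Sebastian points out above, a cache with mode 0600 is still readable by uid 0, so this check does not and cannot protect against the superuser.

```shell
#!/bin/sh
# Added example: audit Kerberos FILE: credential caches for exposure to
# other unprivileged users. Assumes caches are files named krb5cc_* in the
# given directory (MIT default: /tmp). Root can read any FILE: cache
# regardless of mode, so this only catches over-permissive caches.

# Print, one per line, the cache files that are readable by group or others.
# -perm with a leading '-' and a symbolic mode (POSIX) matches when all of
# the named bits are set; two finds cover the group and the other bit.
exposed_ccaches() {
    dir="${1:-/tmp}"
    {
        find "$dir" -maxdepth 1 -name 'krb5cc_*' -type f -perm -g+r 2>/dev/null
        find "$dir" -maxdepth 1 -name 'krb5cc_*' -type f -perm -o+r 2>/dev/null
    } | sort -u
}

# Number of exposed caches in the directory (0 when none are found).
count_exposed() {
    exposed_ccaches "$1" | grep -c .
}

# Example invocation on a real host (uncomment to run):
#   exposed_ccaches /tmp
```

A non-empty result means another local user could copy the cache and present the tickets in it, which is the same impersonation risk the thread describes, minus the root case. Remediation is to fix the mode to 0600 and, where root exposure matters, to shorten ticket lifetimes or destroy the cache (`kdestroy`) when leaving a shared machine.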