file-based credentials vs memory-based credentials

Love Hörnquist Åstrand lha at kth.se
Tue Jan 26 02:12:13 EST 2010


Hello,

> I sometimes hear that Kerberos 5 security is lowered by the use of file
> based credentials, whereas Kerberos 4 was using shared memory instead,
> making it much more difficult for an admin (for instance) to retrieve a
> valid user ticket.

kth-krb never had shared memory credentials, dunno about MIT Kerberos.

> I know an admin user can scan the memory for a user ticket, but a quick
> Google search on the issue didn't return any such tool ready for users.
> And unless some string pattern makes it easy to grep /proc/kcore for
> extracting those tickets, is this assertion reserved to admins able to
> craft a dedicated memory scanning tool?
>
> Also, I've read that the Kerberos 5 specification doesn't enforce one or the
> other kind of storage, that's just MIT and Heimdal implementation
> choices. Is there any way, for both of them, to use a memory-based
> credential cache instead?

Heimdal also supports kcm, which is a credential cache server. That brings credentials into memory, but that is probably not so exciting. Currently it's mostly like a file-like interface between libkrb5 and kcm.

Eventually it will support doing krb5_mk_req() in the process so the keys will never leave kcm.

Love
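As an added illustration, not part of the thread above, here is a small Python check of where a Kerberos 5 credential cache actually lives: it parses a KRB5CCNAME-style name (the TYPE:residual form and the type names KCM, MEMORY, API, KEYRING, FILE and DIR are assumed from MIT/Heimdal conventions) and flags file-based caches whose mode lets group or other read them. The `mode_of` hook is a hypothetical injection point so the check can run without a real cache on disk.

```python
import os
import stat

# Cache types that keep tickets out of regular files (assumed type names).
NON_FILE_TYPES = {"KCM", "MEMORY", "API", "KEYRING"}


def parse_ccache_name(name):
    """Split a KRB5CCNAME value into (type, residual).

    A name without a 'TYPE:' prefix is a plain path, which both MIT and
    Heimdal treat as a FILE cache (assumption: POSIX paths, no drive letters).
    """
    if ":" in name and not name.startswith("/"):
        ctype, residual = name.split(":", 1)
        return ctype.upper(), residual
    return "FILE", name


def audit_ccache(name, mode_of=None):
    """Return a list of findings for the given credential cache name.

    mode_of is an optional callable returning a path's st_mode; by default
    the real filesystem is consulted.
    """
    ctype, residual = parse_ccache_name(name)
    findings = []
    if ctype in NON_FILE_TYPES:
        return findings  # tickets are held by a daemon or in process memory
    if ctype not in ("FILE", "DIR"):
        findings.append("unknown cache type %r" % ctype)
        return findings
    findings.append("tickets stored on disk (%s cache at %s)" % (ctype, residual))
    if mode_of is None:
        mode_of = lambda path: os.stat(path).st_mode
    try:
        mode = mode_of(residual)
    except OSError:
        findings.append("cache not found: %s" % residual)
        return findings
    # A cache readable by group or other exposes tickets beyond the owner.
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append("cache readable by group/other: mode %o" % stat.S_IMODE(mode))
    return findings
```

Run it against the value of `KRB5CCNAME` (or the default cache path for the platform) to see whether tickets are on disk and how they are protected.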
