separate keytab for pam_krb5

Frank Cusack frank at tenpedal.com
Sun Jan 22 00:49:11 EST 2012


That's unfortunate, if the argument is that now you don't need to worry
about the security of the screen saver instance/module.  On systems that
use screensavers, i.e. generally single user desktops, compromising a user
account is just as devastating to the user as compromising the entire
system.

On Saturday, January 21, 2012, Russ Allbery <rra at stanford.edu> wrote:
> Frank Cusack <frank at linetwo.net> writes:
>
>> They don't need to be.  The screen saver itself can be run in an
>> unprivileged context.
>
> Only with an internal architecture that screen savers often don't bother
> to implement any more, since no one does this these days now that pam_unix
> has a setuid helper.  So if you actually make the screen saver setuid root,
> you may end up with an unaudited program that doesn't know how to manage
> its elevated security context.
>
> Screen savers did indeed used to always work this way, with setuid
> required, but since pam_unix added a setuid helper, all that's been
> largely unwound, or at least left unmaintained.
>
> --
> Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
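The "internal architecture" the reply refers to amounts to one thing: a setuid-root screen saver must give up root irrevocably before any of its UI code runs, and must check that the drop actually took. Below is an added illustration of that pattern; it is not code from this thread or from any screen saver, and it assumes a Linux or BSD system that provides setresuid/setresgid (plain setuid() from a non-root effective uid leaves the saved uid untouched, which is exactly the mistake an unaudited program makes).

```c
/* Added example (not from the thread): irrevocable privilege drop for a
 * setuid-root program, plus a check that root is really gone.
 * Assumes Linux/BSD (setresuid/setresgid are not in POSIX). */
#define _GNU_SOURCE
#include <errno.h>
#include <sys/types.h>
#include <grp.h>
#include <stdio.h>
#include <unistd.h>

/* Drop to uid/gid for the real, effective AND saved ids, so the process
 * cannot climb back. Returns 0 on success, -1 on failure (errno set). */
int drop_privileges_to(uid_t uid, gid_t gid)
{
    /* Order matters: groups first, while we still have the right to
     * change them; uid last, since that is what revokes the right. */
    if (getuid() == 0 || geteuid() == 0) {
        if (setgroups(0, NULL) != 0)
            return -1;
    }
    if (setresgid(gid, gid, gid) != 0)
        return -1;
    if (setresuid(uid, uid, uid) != 0)
        return -1;
    /* Never trust the calls alone: re-read the ids and compare. */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    return 0;
}

/* 1 if this process can no longer become root (the property that must
 * hold before running unaudited UI code), 0 otherwise. Trying setuid(0)
 * is the only reliable test: it succeeds iff the saved uid is still 0. */
int root_is_unrecoverable(void)
{
    if (geteuid() == 0)
        return 0;
    if (setuid(0) == 0)
        return 0;               /* saved uid was still root */
    return errno == EPERM;
}

int main(void)
{
    if (drop_privileges_to(getuid(), getgid()) != 0) {
        perror("drop_privileges_to");
        return 1;
    }
    printf("root recoverable: %s\n", root_is_unrecoverable() ? "no" : "yes");
    return 0;
}
```

Run as an ordinary user the drop is a no-op and the check reports "no"; installed setuid root it shows whether the drop is actually complete.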

