MIT Kerberos Master principal deletion

D'Angelo, Jeff C jcd at psu.edu
Mon Jun 15 22:58:21 EDT 2020 

Would the stash file help here (if it exists)?


--

Jeff

________________________________
From: kerberos-bounces at mit.edu <kerberos-bounces at mit.edu> on behalf of Chris Hecker <checker at d6.com>
Sent: Thursday, June 11, 2020 6:54 PM
To: Nico Williams <nico at cryptonector.com>
Cc: Harshawardhan Kulkarni <harshawardhan.rk at gmail.com>; kerberos at mit.edu <kerberos at mit.edu>
Subject: Re[2]: MIT Kerberos Master principal deletion


 > I don't think it would make it harder.

I just mean because you won't be able to set a breakpoint at a function
that uses the key, you'll have to actually chase it around in memory
(assuming you use something like gcore to dump it as fast as possible
without regard to where it is executing when it's dumped).

If I was doing this live, I'd set a breakpoint on some function that
used the key to decrypt and then inspect there, but with a core file
you'll need to make sure you can find all the structures first.

Is realm_mkey in the kdc_realm_data struct the one he wants?

Chris

------ Original Message ------
From: "Nico Williams" <nico at cryptonector.com>
To: "Chris Hecker" <checker at d6.com>
Cc: "Harshawardhan Kulkarni" <harshawardhan.rk at gmail.com>;
"kerberos at mit.edu" <kerberos at mit.edu>
Sent: 2020-06-11 15:31:28
Subject: Re: MIT Kerberos Master principal deletion

>On Thu, Jun 11, 2020 at 10:19:39PM +0000, Chris Hecker wrote:
>>  Maybe dump the core of the running process so you don't accidentally crash
>>  it while trying to debug it live?  But that would make finding it in memory
>>  even harder...
>
>I don't think it would make it harder.
>
>BTW, we should make it much harder to delete important principals...


________________________________________________
Kerberos mailing list           Kerberos at mit.edu
https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmailman.mit.edu%2Fmailman%2Flistinfo%2Fkerberos&amp;data=02%7C01%7Cjcd%40psu.edu%7C5ecb0ae46a0f4206310108d80e5b131f%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C637275131630535798&amp;sdata=slErWkRJAvfE0nd%2BMESCEFY5Ucx8c79mIpMN%2BwFBMz8%3D&amp;reserved=0

More information about the Kerberos mailing list