[krbdev.mit.edu #2577] [Russ Allbery] Bug#250966: /usr/sbin/klogind: Authorization behavior not fully documented

Sam Hartman via RT rt-comment at krbdev.mit.edu
Thu May 27 19:26:05 EDT 2004


Return-Path: <debbugs at bugs.debian.org>
Received: from solipsist-nation ([unix socket])
	by solipsist-nation (Cyrus v2.1.5-Debian2.1.5-1) with LMTP;
	Tue, 25 May 2004 21:38:12 -0400
X-Sieve: CMU Sieve 2.2
Return-Path: <debbugs at bugs.debian.org>
Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU
 [18.7.21.83])
	by suchdamage.org (Postfix) with ESMTP id 355F213174
	for <hartmans at suchdamage.org>; Tue, 25 May 2004 21:38:12 -0400 (EDT)
Received: from spohr.debian.org (spohr.debian.org [128.193.0.4])
	by pacific-carrier-annex.mit.edu (8.12.4/8.9.2) with ESMTP id
 i4Q1c8eP007942
	for <hartmans at mit.edu>; Tue, 25 May 2004 21:38:09 -0400 (EDT)
Received: from debbugs by spohr.debian.org with local (Exim 3.35 1 (Debian))
	id 1BSnHz-0002jo-00; Tue, 25 May 2004 18:33:03 -0700
X-Loop: owner at bugs.debian.org
Subject: Bug#250966: /usr/sbin/klogind: Authorization behavior not fully
 documented
Reply-To: Russ Allbery <rra at stanford.edu>, 250966 at bugs.debian.org
Resent-From: Russ Allbery <rra at stanford.edu>
Resent-To: debian-bugs-dist at lists.debian.org
Resent-Cc: Sam Hartman <hartmans at debian.org>
Resent-Date: Wed, 26 May 2004 01:33:02 UTC
Resent-Message-ID: <handler.250966.B.108553441531146 at bugs.debian.org>
X-Debian-PR-Message: report 250966
X-Debian-PR-Package: krb5-rsh-server
X-Debian-PR-Keywords: security
Received: via spool by submit at bugs.debian.org id=B.108553441531146
          (code B ref -1); Wed, 26 May 2004 01:33:02 UTC
Received: (at submit) by bugs.debian.org; 26 May 2004 01:20:15 +0000
Received: from smtp3.stanford.edu [171.67.16.138] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1BSn5a-00083m-00; Tue, 25 May 2004 18:20:15 -0700
Received: from windlord.stanford.edu (windlord.Stanford.EDU [171.64.19.147])
	by smtp3.Stanford.EDU (8.12.11/8.12.11) with SMTP id i4Q1KDTs027824
	for <submit at bugs.debian.org>; Tue, 25 May 2004 18:20:14 -0700
Received: (qmail 12188 invoked by uid 1000); 26 May 2004 01:20:13 -0000
Message-ID: <20040526012013.12187.qmail at windlord.stanford.edu>
From: Russ Allbery <rra at stanford.edu>
To: Debian Bug Tracking System <submit at bugs.debian.org>
X-Mailer: reportbug 2.60
Date: Tue, 25 May 2004 18:20:13 -0700
Delivered-To: submit at bugs.debian.org
Resent-Sender: Debian BTS <debbugs at bugs.debian.org>
X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on 
	solipsist-nation.suchdamage.org
X-Spam-Status: No, hits=-4.9 required=5.0 tests=BAYES_00 autolearn=ham 
	version=2.63
X-Spam-Level: 
MIME-Version: 1.0

Package: krb5-rsh-server
Version: 1.3.3-1
Severity: normal
File: /usr/sbin/klogind
Tags: security

(Apologies if the security tag was inappropriate; I don't consider this
to be a major security hole or anything, but it does raise a security
issue, which was reportbug's definition.)

If klogind is used and configured with a default realm, and someone with
a user principal in that realm attempts to log on to an account that does
not have a .k5login file at all, that login appears to be authorized.
This may be somewhat surprising if one is not following the same namespace
as the Kerberos realm klogind is using, since the man page doesn't say
this and sort of implies that .k5login is always checked.

Ideally, it would be nice to have a switch to klogind that says "always
deny authorization if no .k5login file is present," but at the least I
think this should probably be documented in the klogind man page.

Note that this also isn't documented in the .k5login man page.

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.26
Locale: LANG=C, LC_CTYPE=C (ignored: LC_ALL set to C)

Versions of packages krb5-rsh-server depends on:
ii  krb5-config                 1.6          Configuration files for Kerberos V
ii  libc6                       2.3.2.ds1-12 GNU C Library: Shared libraries an
ii  libcomerr2                  1.35-6       The Common Error Description libra
ii  libkrb53                    1.3.3-1      MIT Kerberos runtime libraries
ii  netbase                     4.16         Basic TCP/IP networking system

-- no debconf information
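The authorization rule the report describes, as an added illustration (not MIT krb5 code; in libkrb5 the decision is made by krb5_kuserok()): when an account has a .k5login file, only the principals listed in it are authorized; when the file is absent, klogind falls back to the default-realm mapping, so a user principal in the configured default realm is let into the account. The fallback modelled here (principal name must equal the local account name, realm must be the default realm, no instance component) is an assumption about that mapping, not something the report states. The `require_k5login` switch is the stricter behaviour the reporter asks for and does not exist in the version reported; `accounts_relying_on_default_mapping` is the audit a defender would run over the accounts on a host to find where the implicit mapping is what actually decides access. All account data below is constructed.

```python
"""Model of the klogind/.k5login authorization decision and a check for
accounts that depend on the undocumented default-realm fallback.

Added example for this bug report; not code from MIT krb5 or Debian.
"""

from typing import Dict, List, Optional, Set


def parse_k5login(contents: str) -> Set[str]:
    """One principal per line; blank lines and surrounding whitespace ignored."""
    return {line.strip() for line in contents.splitlines() if line.strip()}


def principal_to_local_name(principal: str, default_realm: str) -> Optional[str]:
    """Assumed default-realm mapping: a single-component principal in the
    default realm maps to the local account with the same name.  A foreign
    realm, an instance (alice/admin) or an empty name maps to no account."""
    if "@" not in principal:
        return None
    name, realm = principal.rsplit("@", 1)
    if realm != default_realm or "/" in name or not name:
        return None
    return name


def is_authorized(principal: str, local_user: str, k5login: Optional[str],
                  default_realm: str, require_k5login: bool = False) -> bool:
    """Decide whether `principal` may log in as `local_user`.

    k5login is the file's contents, or None when the account has no .k5login.
    require_k5login is the hypothetical "always deny without .k5login" switch
    the reporter wishes klogind had.
    """
    if k5login is None:
        if require_k5login:
            return False
        # The surprising case from the report: no file, yet the login succeeds
        # because the principal maps to this account via the default realm.
        return principal_to_local_name(principal, default_realm) == local_user
    # File present: only the principals listed in it are authorized; the
    # account's own default-realm principal gets no implicit entry.
    return principal in parse_k5login(k5login)


def accounts_relying_on_default_mapping(accounts: Dict[str, Optional[str]]) -> List[str]:
    """Audit helper: accounts whose access is decided by the fallback, i.e.
    those with no .k5login at all.  Input maps account name -> .k5login
    contents (None = file absent)."""
    return sorted(user for user, k5login in accounts.items() if k5login is None)


# Constructed sample host: three accounts, one with an explicit .k5login.
SAMPLE_ACCOUNTS: Dict[str, Optional[str]] = {
    "alice": None,                     # relies on alice@EXAMPLE.COM mapping
    "bob": "bob@EXAMPLE.COM\ncarol@EXAMPLE.COM\n",
    "svc-backup": None,                # service account, never meant for login
}

if __name__ == "__main__":
    realm = "EXAMPLE.COM"
    print("alice@EXAMPLE.COM -> alice:", is_authorized("alice@EXAMPLE.COM", "alice", None, realm))
    print("alice@OTHER.ORG   -> alice:", is_authorized("alice@OTHER.ORG", "alice", None, realm))
    print("carol@EXAMPLE.COM -> bob:  ", is_authorized("carol@EXAMPLE.COM", "bob",
                                                       SAMPLE_ACCOUNTS["bob"], realm))
    print("accounts without .k5login:", accounts_relying_on_default_mapping(SAMPLE_ACCOUNTS))
```

Running the audit over a real host would mean reading each home directory for a .k5login file and feeding its contents (or None) into the same function; any account it lists, such as a service account whose name happens to match a user principal in the default realm, is one where the documentation gap in this report matters.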