porting CCAPI to UNIX

Ken Hornstein kenh at cmf.nrl.navy.mil
Wed May 9 23:50:47 EDT 2007


>Perhaps I misspoke: I don't think it's worthwhile to invest  
>significant effort or runtime cost or complexity in making it hard  
>for one process to access the credentials of another process under  
>the same uid, if ptrace and /proc are still going to get around the  
>restrictions easily.

Well, I guess that all depends on your definition of "easy".  I don't
see breaking this cache now being particularly easy.  It would take
some significant work.  It's nowhere close to, say, copying a file in
/tmp.

Let me ask you this: if your position is that as long as ptrace()
and friends can be used across session boundaries it's not worthwhile
to make significant effort in isolating credential cache access ...
then there is no _security_ benefit in porting the CCAPI to Unix,
correct?  (there may be other benefits).  Everything you have talked
about in terms of CCAPI RPC mechanisms is limited to userid access
control, which is what we have with the file cache today.

--Ken


