[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Sticky authentication/authorisation issues
>>>>> "Brandon" == Brandon S Allbery KF8NH <allbery@ece.cmu.edu> writes:
Brandon> You should avoid accessing such mechanisms from hosts
Brandon> whose security you don't trust. In our case, that would
Brandon> be machines on the Computing Facilities subnet (and, when
Brandon> possible --- i.e. ssh public keys --- you constrain their
Brandon> use (and, if possible, access to them) to that subnet).
Its not just the security of the host you have to trust, its also the
security of every program installed and running that has read access
to the ticket, too.
eg. a web browser could potentially have a security flaw in
JavaScript, Java, or something else that allows running commands it
should not be allowed to have. A document could have an embedded macro
that does nasty things using your Kerberos ticket. Alternatively, even
if it doesn't have access to the Kerberos ticket, maybe it can trick a
program that does have access (e.g. by sending keystroke events,
setting up fake keyboard bindings, macros, or similar).
Yes, these are more common on Windows and Microsoft Programs instead
of Linux, but some people do use Windows, and some of them might use
Kerberos.
--
Brian May <bam@snoopy.apana.org.au>
- References:
- Future of kerberised telnet, login, rsh, ftp?
- From: Andrew Bartlett <abartlet@samba.org>
- Re: Future of kerberised telnet, login, rsh, ftp?
- From: Ilia Chipitsine <ilia@paramon.ru>
- Re: Future of kerberised telnet, login, rsh, ftp?
- From: Brian May <bam@snoopy.apana.org.au>
- Re: Future of kerberised telnet, login, rsh, ftp?
- From: "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>
- Re: Sticky authentication/authorisation issues
- From: Brian May <bam@snoopy.apana.org.au>
- Re: Sticky authentication/authorisation issues
- From: "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>