Is there a way of restricting access to MIT K5 kadmind from kadmin so that principals who are not listed in kadm5.acl are unable to do a getprinc on themselves or better still are unable to obtain a kadmin/admin ticket at all, even if they have successfully authenticated ?
Currently any principal that successfully authenticates can do a 'getprinc' on themselves. This is not stopped by an entry such as * ADMCIL * nor by an entry with the principal explicitely listed eg bloggsj@REALM ADMCIL bloggsj@REALM This might reduce the risk of exploitation of bugs in kadmind such as the recent "Integer Overflow in XDM library" (CERT CA-2002-25 , MITKRB5-SA-2002-001) -- David Shrimpton Systems Programmer Software Infrastructure, Information Technology Services University of Qld 4072 [EMAIL PROTECTED] Brisbane Australia ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
