"prashant sodhiya" <[EMAIL PROTECTED]> writes:

> In MIT kerberos a "kinit" creates a credential file in /tmp, which is a
> world-writable directory.

> $ ls -l /
> drwxrwxrwt 9 bin bin 3584 Aug 30 15:07 tmp

> I feel it can lead to a Denial of Service attack if some other user can
> create a credential file as that of a valid kerberos user. Is it true
> in MIT kerberos?

If you insist on one particular name for a ticket cache, then yes, someone
could create a file with that name and deny you the use of that name.  To
avoid this, don't insist on one particular name for a ticket cache but
instead create the ticket cache with mkstemp or a similar routine.

-- 
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
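
The contrast described in the reply above, as an added example that is not part of the original message and is not MIT Kerberos code: a fixed cache name that another user has already created fails with EEXIST, while mkstemp yields a fresh, owner-only file. The function names, the `krb5cc_<uid>_` prefix and the scratch directory standing in for /tmp are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Fixed name: O_CREAT|O_EXCL refuses a pre-existing file or symlink, so
 * whoever creates the name first denies it to everyone else (EEXIST). */
int open_fixed_cache(const char *path)
{
    return open(path, O_RDWR | O_CREAT | O_EXCL, 0600);
}

/* Unique name: writes "<dir>/krb5cc_<uid>_XXXXXX" into out and lets mkstemp
 * fill in the suffix. Returns an fd to a new 0600 file, or -1 on error. */
int open_unique_cache(const char *dir, char *out, size_t outlen)
{
    int n = snprintf(out, outlen, "%s/krb5cc_%lu_XXXXXX", dir,
                     (unsigned long)getuid());
    if (n < 0 || (size_t)n >= outlen) {
        errno = ENAMETOOLONG;
        return -1;
    }
    return mkstemp(out);
}

int main(void)
{
    char dir[] = "/tmp/ccdemo_XXXXXX"; /* constructed scratch directory */
    char fixed[128], uniq[128];
    if (mkdtemp(dir) == NULL)
        return 1;
    snprintf(fixed, sizeof fixed, "%s/krb5cc_fixed", dir);
    /* Stand-in for another user creating the fixed name first. */
    close(open(fixed, O_WRONLY | O_CREAT, 0644));

    int fd1 = open_fixed_cache(fixed);
    printf("fixed name:  %s\n", fd1 < 0 ? strerror(errno) : "created");
    int fd2 = open_unique_cache(dir, uniq, sizeof uniq);
    if (fd2 < 0)
        return 1;
    printf("unique name: KRB5CCNAME=FILE:%s\n", uniq);
    close(fd2);
    unlink(uniq); unlink(fixed); rmdir(dir);
    return 0;
}
```

The second line of output shows the unique path in the `FILE:` form that the `KRB5CCNAME` environment variable accepts for selecting a ticket cache.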
