Something I notices about tokens on linux and I'm not sure if it should be a security issue or not.
Here's what I did on Caldera OL (red hat derivative) from kde -- open a shell, the klog log out of kde log back in -- cache manager still has the tokens Now, perhaps I'm thinking too microsoft here, but I assumed that when you log out of kde, then all processes owned by that login context would be dropped, including the tokens obtained during that session. This is what NT does isn't it? (an nt/win2k user can log out, then log back in, and the token is safely 'gone') What precautions are available to prevent token stealing from linux/kde? -- David Bear College of Public Programs/ASU 480-965-8257 ...the way is like water, going where nobody wants it to go _______________________________________________ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
