On Wed, 20 Feb 2002, David Bear wrote: > Something I notices about tokens on linux and I'm not sure if it should be > a security issue or not. > > Here's what I did on Caldera OL (red hat derivative) > > from kde -- open a shell, the klog > log out of kde > log back in -- cache manager still has the tokens
get a pag. if you're using pam, install the pam afs modules. this isn't insecure, it's how afs works. if you have no pag, the tokens are seen by all processes not in a pag. > What precautions are available to prevent token stealing from linux/kde? it's not theft if you did something which is essentially "deliberately sharing them with everyone" -D _______________________________________________ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
