> That brings up a similar exploit: > > Authed user has the session key, from afs/<cell> ticket. > User modifies the stream being protected by his session key, > to turn on suid bit thus gaining root. > > This sounds like if root on a machine needs to trust AFS with > /usr and /bin, root better have its own keyed identity.
It also seems to me that you could do a pretty effective D.O.S. by sending fileStatus for various files (say starting with /bin/sh) with zero'd mode bits. John _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
