From: Jason Stone
Date: Wed, 24 Sep 2003 23:10:55 -0700 (PDT)
To: freebsd-security@freebsd.org
Subject: Re: unified authentication
Message-ID: <20030924230228.K55021@walter>
In-Reply-To: <20030924191807.D18252@seekingfire.com>
References: <20030924122724.V31322@localhost> <200309241555.30825.jesse@wingnet.net> <20030924153355.T55021@walter> <20030924191807.D18252@seekingfire.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> > Well, it's worse than that - since the packets are not authenticated in
> > any way, an active attacker doesn't need to crack passwords - he can just
> > inject his own packets which can have crypted passwords that he knows.
>
> Which is why I use NIS with Kerberos - the passwords aren't in the NIS
> maps and injected fake users won't be authenticated by Kerberos.

Okay, but I can still set jason's uid the same as tillman's and then use
his dot-files to alias his ssh to a trojan.  Or set jason's uid to zero....

-Jason

--------------------------------------------------------------------------
Freud himself was a bit of a cold fish, and one cannot avoid the suspicion
that he was insufficiently fondled when he was an infant.
	-- Ashley Montagu

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)
Comment: See https://private.idealab.com/public/jason/jason.gpg

iD8DBQE/cobvswXMWWtptckRAjboAJ9Tce8Ut/0Wl8PFYdGF3bn5LAe+8wCdH/Y5
Ml4lVzqto18/4OKPZUIAhZU=
=IxMK
-----END PGP SIGNATURE-----