From owner-freebsd-security  Thu Mar 25  7:40:32 1999
Delivered-To: freebsd-security@freebsd.org
Received: from host07.rwsystems.net (kasie.rwsystems.net [209.197.192.103])
	by hub.freebsd.org (Postfix) with ESMTP id 01066153E4
	for <freebsd-security@FreeBSD.ORG>; Thu, 25 Mar 1999 07:40:30 -0800 (PST)
	(envelope-from jwyatt@RWSystems.net)
Received: from kasie.rwsystems.net([209.197.192.103]) (930 bytes) by host07.rwsystems.net
	via sendmail with P:esmtp/R:bind_hosts/T:inet_zone_bind_smtp
	(sender: <jwyatt@RWSystems.net>) 
	id <m10QC2X-000bxeC@host07.rwsystems.net>
	for <freebsd-security@FreeBSD.ORG>; Thu, 25 Mar 1999 09:27:25 -0600 (CST)
	(Smail-3.2.0.104 1998-Nov-20 #1 built 1998-Dec-24)
Date: Thu, 25 Mar 1999 09:27:25 -0600 (CST)
From: James Wyatt <jwyatt@RWSystems.net>
To: Matthew Dillon <dillon@apollo.backplane.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Kerberos vs SSH
In-Reply-To: <199903250905.BAA95946@apollo.backplane.com>
Message-ID: <Pine.BSF.4.05.9903250926290.23152-100000@kasie.rwsystems.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, 25 Mar 1999, Matthew Dillon wrote:
	[ ... ]
>     are still vulnerable.  You can get into the account just fine without 
>     exposing a password, but once in the account if you need to type a
>     password of any sort in to do something else, *that* password is
>     vulnerable to interception.

especially sudo and su... - Jy@



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message