Date: Thu, 25 Sep 2003 08:32:50 -0600 From: Tillman Hodgson <tillman@seekingfire.com> To: freebsd-security@freebsd.org Subject: Re: unified authentication Message-ID: <20030925083250.H18252@seekingfire.com> In-Reply-To: <20030924230228.K55021@walter>; from freebsd-security@dfmm.org on Wed, Sep 24, 2003 at 11:10:55PM -0700 References: <bks9kq$46u$1@sea.gmane.org> <20030924122724.V31322@localhost> <200309241555.30825.jesse@wingnet.net> <20030924153355.T55021@walter> <20030924191807.D18252@seekingfire.com> <20030924230228.K55021@walter>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Sep 24, 2003 at 11:10:55PM -0700, Jason Stone wrote: > > > Well, it's worse than that - since the packets are not authenticated in > > > any way, an active attacker doesn't need to crack passwords - he can just > > > inject his own packets which can have crypted passwords that he knows. > > > > Which is why I use NIS with Kerberos - the passwords aren't in the NIS > > maps and injected fake users won't be authenticated by Kerberos. > > Okay, but I can still set jason's uid the same as tillman's and then use > his dot-files to alias his ssh to a trojan. Or set jason's uid to zero.... How is this attacker injecting packets onto the network? They must have obtained root on the local machine. If they have root on the local machine they can trojan files /anyway/. They can change UIDs around all they want. This situation is dangerous no matter what network authorization system is in use. Running NIS over IPsec would be better, of course, just as running /anything/ over IPsec is generally better. But I don't think that it's trivial to compromise Kerberos+NIS as a regular user. -T -- All beings are Buddha. All beings are the truth, just as they are. Robert Aitken
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030925083250.H18252>