Date: Thu, 8 Feb 1996 15:52:09 -0500 (EST) From: "Garrett A. Wollman" <wollman@khavrinen.lcs.mit.edu> To: FreeBSD-gnats-submit@freebsd.org Subject: bin/1006: Kerberized su has poor password interface Message-ID: <199602082052.PAA07154@khavrinen.lcs.mit.edu> Resent-Message-ID: <199602082100.NAA26705@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 1006 >Category: bin >Synopsis: Kerberized su has poor password interface >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Feb 8 13:00:02 PST 1996 >Last-Modified: >Originator: Garrett Wollman >Organization: MIT Laboratory for Computer Science >Release: FreeBSD 2.2-CURRENT i386 >Environment: Any version of FreeBSD since 2.0. >Description: The Kerberized su program will only accept a vaild Kerberos su password when it prompts for a password. In order to use UNIX or S/Key authentication, it is necessary to error out the first password prompt in order to get to one that accepts the right password. >How-To-Repeat: $ su >Fix: Do a better job of integrating Kerberos into su. In particular, the Kerberized su should not attempt to read its own password, but should instead wait for the S/Key and UNIX routines to error and then use the same password as was previously entered as the Kerberos password. >Audit-Trail: >Unformatted: Garrett A. Wollman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199602082052.PAA07154>