Date: Fri, 3 Apr 1998 01:56:52 -0500 (EST) From: Robert Watson <robert@cyrus.watson.org> To: Mark Murray <mark@grondar.za> Cc: Charles Quarri <randy@hackerz.org>, stable@FreeBSD.ORG Subject: Re: Hesiod support on 2.2 Message-ID: <Pine.BSF.3.96.980403015427.21311Q-100000@fledge.watson.org> In-Reply-To: <199804030543.HAA24161@greenpeace.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 3 Apr 1998, Mark Murray wrote: > To make Hesiod secure, you should not use it to distribute passwords > (encrypted or not). That is what Kerberos is for. One of the things I > have picked up in 48 hours of research. Well, I actually did not intend to, nor was it my understanding that that was MIT's intent on writing it. They intended it as a directory service for typical UNIX config files (such as /etc/hosts) and user information (such as /etc/passwd, /etc/group). Toehold would dynamically create accounts on the machine, assigning them uids as appropriate, and use Kerberos to authenticate the user. However, the ability to specify passwd entries + group entries + hosts entries, etc, could be used to attack a machine in an insecure DNS arrangement. As I understand it, MIT then implemented kerberized DNS queries -- securing communication between the resolver and the server using rcmd entries and krb_mkpriv. This is not equivilent to DNSsec, which digitally signs the DNS data, rather than the transport. Robert N Watson ---- Carnegie Mellon University http://www.cmu.edu/ Trusted Information Systems http://www.tis.com/ SafePort Network Services http://www.safeport.com/ robert@fledge.watson.org http://www.watson.org/~robert/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980403015427.21311Q-100000>