Re: security hole in GSS when running as root?

help-gss

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: security hole in GSS when running as root?

From:	Simon Josefsson
Subject:	Re: security hole in GSS when running as root?
Date:	Wed, 25 Oct 2006 12:54:30 +0200
User-agent:	Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux)

"Galchin Vasili" <address@hidden> writes:

> Hello,
>
>     If some GSS security mecahisms store information, like e.g.
> credentials, in files, running as root a process can read these files and
> then masquerade as others.

Right.  The Unix design has been to give "root" the ability to do
anything on a system, including reading user's private credentials.

There are few technical options that solve this completely, as far as
I'm aware.

Do you consider this an important problem?  If you have suggestions on
solving it, I'd be happy to discuss them.

/Simon

[Prev in Thread]

Current Thread

[Next in Thread]

security hole in GSS when running as root?, Galchin Vasili, 2006/10/24
- Re: security hole in GSS when running as root?, Simon Josefsson <=

Prev by Date: security hole in GSS when running as root?
Next by Date: Re: Help-gss Digest, Vol 6, Issue 1
Previous by thread: security hole in GSS when running as root?
Next by thread: Re: Help-gss Digest, Vol 6, Issue 1
Index(es):
- Date
- Thread