"Eric Hill" <[EMAIL PROTECTED]> writes:

> What you are trying to prevent is a root user on system A accessing
> user data on system B without knowing the users' credentials.  This is
> precisely what Kerberos prevents.  System B will not accept inbound
> sessions without a Kerberos ticket, and it is impossible for a root
> user on system A to gain a TGT for the user without knowing the user's
> credentials.

Not true in general. The superuser often has the capability to read the
user's credential cache (be it a plain file or something memory-based)
and could therefore impersonate the respective user - if a valid
ticket has already been acquired by the user.


Sebastian
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
