Re: kinit issue

2005-08-30 Thread Russ Allbery
"prashant sodhiya" <[EMAIL PROTECTED]> writes: > In MIT kerberos a "kinit" creates a credential file in /tmp, which is a > world-writable directory. > $ ls -l / > drwxrwxrwt 9 bin bin3584 Aug 30 15:07 tmp > I feel it can lead to Denial of Service attack if some other u

kinit issue

2005-08-30 Thread prashant sodhiya
Hi,  In MIT kerberos a "kinit" creates a credential file in /tmp, which is a world-writable directory. $ ls -l / drwxrwxrwt 9 bin bin3584 Aug 30 15:07 tmp I feel it can lead to Denial of Service attack if some other user can create a credential file as that of a

kinit issue

2005-08-30 Thread prashant sodhiya
Hi,  In MIT kerberos a "kinit" creates a credential file in /tmp, which is a world-writable directory. $ ls -l / drwxrwxrwt 9 bin bin3584 Aug 30 15:07 tmp I feel it can lead to Denial of Service attack if some other user can create a credential file as that of a