Great Circle Associates Firewalls
(November 1993) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Hijacking AFS
From: "Perry E. Metzger" <pmetzger @ lehman . com>
Date: Mon, 01 Nov 1993 11:54:30 -0500
To: firewalls @ greatcircle . com
In-reply-to: Your message of "Mon, 01 Nov 1993 11:38:05 EST." <kgpHhhC0ts4jEtwzxK @ alw . nih . gov>
Reply-to: pmetzger @ lehman . com 
Bob Dew says:
> Perry, I never, ever made such a contention.  I've always maintained
> that AFS is as secure as the root password on the host that runs the
> cache manager.

If the kerberos authentication is done on a machine other than the one
the user is on, and non cryptographically authenticated protocols are
used to perform this proceedure, the system is insecure. Again, I
don't care to discuss this contention except in private mail.

Perry
Follow-Ups:
References:
Indexed By Date Previous: Re: Sendmail bug (feature ?) - is this it ?
From: scott @ santafe . edu
Next: John Markoff (NYT) must be reading this list!
From: long-morrow @ CS . YALE . EDU (H Morrow Long)
Indexed By Thread Previous: Re: Hijacking AFS
From: Bob Dew <rdew @ alw . nih . gov>
Next: Re: Hijacking AFS
From: Bob Dew <rdew @ alw . nih . gov>
Google
 
Search Internet Search www.greatcircle.com