Re: Security issues with the PAM modules for Kerberos?
Arne Nordmark <arne.nordmark@mech.kth.se> writes:
> Hello,
>
> In the description for libpam-heimdal it says: "This module should only
> be used for local logins unless you really know what you are doing". On
> the other hand it is quite tempting to use it for IMAP servers etc, so
> what are the issues? Is it that it is easy to make misstakes in
> configuration, or that it is possible to spoof with a fake KDC, or that
> the code not is considered well audited, or something else?
>
> Arne
I'm not sure if they are refering to additional problems but
the obvious one, but the obvious one would be using an
unencrypted protocol to authenticate to pam with.....
//Tobbe
--
######################################################################
Torbjörn Pettersson # Email tobbe@strul.nu
Vattugatan 5 # Web www.strul.nu/~tobbe
S-111 52 Stockholm, Sweden #
######################################################################
Reply to: