[OpenAFS-devel] Multi-User Windows 2000 Token security
Leif Johansson
leifj@it.su.se
Mon, 1 Oct 2001 17:19:34 +0200
On Thu, Sep 27, 2001 at 11:15:06AM -0400, Sam Hartman wrote:
> >>>>> "Leif" == Leif Johansson <leifj@it.su.se> writes:
>
> Leif> On Wed, Sep 26, 2001 at 05:24:42PM -0700, James Peterson
> Leif> wrote:
> >> As others have mentioned there is a security problem with
> >> Windows 2000 in a multi-user environment.
> >>
> >> The only work around is, for multi-user Windows 2000 configure
> >> it so that all Logon require a restart.
> >>
>
> Leif> If we can trust the security (?) of the local filesystem we
> Leif> could presumably replace klog with kinit+afslog (I am
> Leif> temporarily ignoring the problems of getting a
> Leif> multiuser-safe kerberos on windows) and do an afslog on
> Leif> each smb session start. Would this be possible or have I
> Leif> just assumed something unrealistic, like access to windows
> Leif> sources... ??
>
> I don't think you need to trust local filesystem. I think you could
> recompile kenh's aklog against a version of MIT Kerberos that supports
> ccapi and have a solution for at least krb5.
I thought the issue was that the session can be split over multiple
smb-sessions, each of which needs access to the token. If we could force
each smb-session to do the equivalent of an afslog/aklog using a normal
krb5 ccache file we could go back to having a separate token for each
smb-session.
Best regards, leifj