[OpenAFS] token theft under XP
Rodney M Dyer
rmdyer@uncc.edu
Thu, 12 Dec 2002 15:42:02 -0500
At 01:29 PM 12/12/2002 -0600, Charles Clancy wrote:
> > >Scenario:
> > >1. domain user 'x' logs in, gets tokens
> > >2. 'x' logs out
> > >3. local machine administrator goes in and creates local user 'x'
> > >4. log in as local user 'x'
> > >5. local user has access to the token and drive mappings obtained by the
> > > domain user
> >
> > Umm, have you tried this?
>
>Yes. Otherwise I wouldn't have posted it (or noticed it for that matter).
Well then, there must be a bug in the OpenAFS client service because this
shouldn't happen.
I don't have time to fix it. (default answer for Derrick J Brashear)
Rodney
>I used the 1.2.6 client under WinXP.
>
>I understand that PAGs would solve the problem, but the little systray
>icon tokens tool doesn't do that by default.
>
>[ t charles clancy ]--[ tclancy@uiuc.edu ]--[ www.uiuc.edu/~tclancy ]
>
>_______________________________________________
>OpenAFS-info mailing list
>OpenAFS-info@openafs.org
>https://lists.openafs.org/mailman/listinfo/openafs-info