[OpenAFS] Asecurtiy hole or a mistake of configuration

Mike Lee mike.li@bamboonetworks.com
Thu, 07 Feb 2002 10:04:38 +0800


When without configure PAM,
<1>USER1 use klog to login AFS, (tty1)
<2>switch to another terminal(tty2), login as root , and su USER1, and
this terminal got a tokens as tty1 without any password

with PAM configure, it would not be that.

Thank You