[OpenAFS] The Illusion of Security
Mon, 18 Aug 2003 08:34:34 -0400 (EDT)
>>>>> "Rodney" == Rodney M Dyer <firstname.lastname@example.org> writes:
Rodney> Subtitled "My Gripe with Pipe" Hi everyone,
Rodney> Originally the email centered around the simple question
Rodney> of why the MIT Kerberos for Windows "kinit" client will
Rodney> not allow passwords to be provided through stdin. See...
Rodney> http://www.coe.uncc.edu/~rmdyer/krblogon.htm Section:
Rodney> Very Important Notes SubSection: "Bug in MIT's version of
Rodney> KINIT.EXE prevents reading passwords from stdin"
It's probably a good idea to at least copy one of the MIT Kerberos
lists on bugs yu find in our code. We don't tend to read the OpenAFS
lists and we don't suddenly become aware of issues that aren't brought
to our attention.
Rodney> At this point if anyone has any other reasons I'd love to
Rodney> hear them. I suppose these are all perfectly valid
Rodney> reasons for intentionally coding "kinit" so that it can't
Rodney> allow stdin to be used.
Rodney> I'm what might be termed as a practical, or practitioning
Rodney> systems programmer. That means that for solving the given
Rodney> problem of the day I may not always be capable of pursuing
Rodney> idealistic solutions.
Rodney> Case in point, for the problem of gluing together three
Rodney> differing systems of AFS, Windows, and Kerberos 5 I had to
Rodney> put together something that I had hoped would be easy to
Rodney> understand, require little code, be easily scriptable, use
Rodney> off-the-shelf components that people are already familiar
Rodney> with, and above all else be secure. I had put together
Rodney> the method of using the AFSLogonShell, kinit, and aklog,
Rodney> to solve a number of niggling little problems with storing
Rodney> user accounts in AFS while authenticating my users to
Rodney> Kerberos 5. This all seemed to be very rational to me.
Let's assume that MIT's kinit for KFW did accept passwords on
stdin. Would you have had to modify any of the AFS code or is
there already a facility for starting a shell during the afs login