Re: pam and kerberos + xlock on Debian

To: Sam Hartman <hartmans@debian.org>
Cc: debian-kerberos@mekinok.com, debian-devel@lists.debian.org
Subject: Re: pam and kerberos + xlock on Debian
From: Martin Povolny <xpovolny@aurora.fi.muni.cz>
Date: Fri, 16 Nov 2001 17:55:29 +0100
Message-id: <[🔎] 20011116175529.A3915@aurora.fi.muni.cz>
In-reply-to: <[🔎] tslbsi2pz8a.fsf@loggerhead.mekinok.com>; from hartmans@debian.org on Fri, Nov 16, 2001 at 09:27:49AM -0500
References: <[🔎] 20011116111519.A23417@aurora.fi.muni.cz> <[🔎] tslbsi2pz8a.fsf@loggerhead.mekinok.com>

Dne: Fri, Nov 16, 2001 at 09:27:49AM -0500, Sam Hartman napsal:
> 
> So, you can't really do this securely without having read access to
> /etc/krb5.keytab.  The problem is that  you cannot verify the TGT  
> you get back so someone could be spoofing your Kerberos session.  
> 

Ok, so for now there's probably only the quick, dirty and bad solution:

chmod u+s $(which xlock)

isn't it

-- 
Martin Povolný, xpovolny@fi.muni.cz, http://www.fi.muni.cz/~xpovolny

...one can now boot directly into emacs from LILO or GRUB, 
and thus avoid the need for an operating system entirely... -- LWN

Reply to:

Follow-Ups:
- Re: pam and kerberos + xlock on Debian
  - From: Sam Hartman <hartmans@debian.org>

References:
- pam and kerberos + xlock on Debian
  - From: Martin Povolny <xpovolny@aurora.fi.muni.cz>
- Re: pam and kerberos + xlock on Debian
  - From: Sam Hartman <hartmans@debian.org>

Prev by Date: Release candidate of gimp-print, changelog urgencies
Next by Date: Re: pam and kerberos + xlock on Debian
Previous by thread: Re: pam and kerberos + xlock on Debian
Next by thread: Re: pam and kerberos + xlock on Debian
Index(es):
- Date
- Thread