Full Disclosure mailing list archives
Re: AFS - The Ultimate Sulution?
From: Paul Sebastian Ziegler <psz () observed de>
Date: Wed, 20 Sep 2006 15:54:11 +0200
マグロ原子 wrote:
> On 9/17/06, Paul Sebastian Ziegler <psz () observed de> wrote:
>> Yes, it would still be possible to root the system, but how would that help to get another user? Even if the system is rooted you would only have access to your own files and could not even crack other users' pws since they aren't in your password-file.
>
> Since every machine would run the same image, if your system is rooted, all others could be.
True, but only for the same user which the attacker would need to have to be able to log in as. (As long as there is no remote exploit in which case the victim would have to be logged in). Thus making it different machines from a hardware point of view but only the same machine if looked at by the software (after booting).
>> As you said this requires that the AFS-Server is being kept up to date. But the Images wouldn't have to be.
>
> Yes they would.
>
>> Of course somebody could be hardlogging on a workstation, but it wouldn't be possible to sniff pws from the kerberos-session due to encryption.
>
> Again if the system is rooted, it's possible to install a modified "loader", which loads a modified OS image, which can sniff passwords and do everything else.
That's a good point. Since the loader is part of the workstation it should be possible to swap it with full system-control. But what if this loader would also be taken from another server - say by using Netboot or something similar? Then it would be out of the reach of even root.

Paul
> Nyoro~n

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/