[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] AFS - The Ultimate Sulution? -- What is the point?

To: "Paul Sebastian Ziegler" <psz@xxxxxxxxxxx>
Subject: Re: [Full-disclosure] AFS - The Ultimate Sulution? -- What is the point?
From: "マグロ原子" <atoom.tonijn@xxxxxxxxx>
Date: Fri, 15 Sep 2006 13:32:49 +0200

In-Reply-To: <4509C2FE.8020104@xxxxxxxxxxx>

I don't really see the point... Possible vulnerabilities (if I didn't
horribly misunderstand something):

*The AFS server would still need to be updated to keep it secure.
*If the imaged OS is rootable:
**The AFS clients that load the images could be replaced by phishnets.
**The attacker could pose as the user having access to Kerberos
credentials. (So rm -r / would delete the users "securely kept files")

Or do users only have read-only access to their files?? That doesn't
seem useful.

Nyoro~n

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] AFS - The Ultimate Sulution? -- What is the point?
  - From: Dean Pierce

Prev by Date: Re: [Full-disclosure] 0day IE6? ActiveX COM
Next by Date: [Full-disclosure] It would be great if you could reply to messages without starting a new thread... (Was: 0day IE6? ActiveX COM)
Previous by thread: Re: [Full-disclosure] 0day IE6? ActiveX COM
Next by thread: Re: [Full-disclosure] AFS - The Ultimate Sulution? -- What is the point?
Index(es):
- Date
- Thread