Subject: Re: xdm, PAM and krb5 broken
To: None <current-users@netbsd.org>
From: Jukka Salmi <j+nbsd@2006.salmi.ch>
List: current-users
Date: 10/19/2006 11:14:04
Christian Biere --> current-users (2006-10-19 03:32:51 +0200):
> Jukka Salmi wrote:
> > on a -current Kerberos V system login(1) works fine while xdm(1) doesn't
> > (both are using pam(8), default /etc/pam.d files). After successfully
> > logging in, xdm seems to remove the credentials cache file:
>
> > [...]
> > 3508 1 xdm CALL __lstat30(0x806cca0,0xbfbfe094)
> > 3508 1 xdm NAMI "/tmp/krb5cc_1000"
>
> Might be off-topic but I find it odd that this thing creates a file in the
> world-writable directory /tmp with a non-random filename that contains the
> user ID.
The file is created with mode 0600 and is owned by the user whose uid
is contained in the file name.
--
bashian roulette:
$ ((RANDOM%6)) || rm -rf ~