current-users: Re: xdm, PAM and krb5 broken

Subject: Re: xdm, PAM and krb5 broken
To: None <current-users@netbsd.org>
From: Jukka Salmi <j+nbsd@2006.salmi.ch>
List: current-users
Date: 10/19/2006 11:14:04

Christian Biere --> current-users (2006-10-19 03:32:51 +0200):
> Jukka Salmi wrote:
> > on a -current Kerberos V system login(1) works fine while xdm(1) doesn't
> > (both are using pam(8), default /etc/pam.d files). After successfully
> > logging in, xdm seems to remove the credentials cache file:
>  
> > [...]
> >   3508      1 xdm      CALL  __lstat30(0x806cca0,0xbfbfe094)
> >   3508      1 xdm      NAMI  "/tmp/krb5cc_1000"
> 
> Might be off-topic but I find it odd that this thing creates a file in the
> world-writable directory /tmp with a non-random filename that contains the
> user ID.

The file is created with mode 0600 and is owned by the user whose uid
is contained in the file name.

-- 
bashian roulette:
$ ((RANDOM%6)) || rm -rf ~