Subject: Re: ssh - are you nuts?!?
To: None <opentrax@email.com>
From: Chris Jones <chris@cjones.org>
List: tech-security
Date: 01/02/2001 11:09:59
opentrax@email.com writes:
> On 20 Dec, Chris Jones wrote:
> [description of Kerberos tickets and TGTs]
> The one problem I see with this design, as with many, is that
> if your TGT is hijacked in the opening session, all other
> systems are vulnerable to similar hijacking.
>
> Can I get your opinion on this, and of course, anyone else
> reading this?
Yeah, if your TGT gets hijacked, you're in trouble. For what it's
worth, the TGT has a built-in maximum lifetime, after which it's no
longer valid; this may minimize the damage.
Really, it comes down to this: If the user doesn't trust the admin of
a system, he shouldn't forward his TGT to that system.
Chris
--
----------------------------------------------------- chris@cjones.org
Chris Jones Mad scientist at large
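The "don't forward your TGT to a system whose admin you don't trust" advice above, expressed as a client configuration. This is an added illustration, not part of the thread; it assumes a current OpenSSH client with GSSAPI (Kerberos) support, and the host names are placeholders.

```sshconfig
# Added example, not from the original thread. Assumes an OpenSSH client
# built with GSSAPI support; "trusted.example.org" is a placeholder.
# Forward the TGT only to hosts whose administrators you trust.
Host trusted.example.org
    GSSAPIAuthentication yes
    GSSAPIDelegateCredentials yes

# Everywhere else: authenticate with Kerberos, but never hand over the TGT,
# so a compromised server cannot reuse it against other systems.
Host *
    GSSAPIAuthentication yes
    GSSAPIDelegateCredentials no
```

Pairing this with a short ticket lifetime at login (for MIT Kerberos, `kinit -l 2h`) bounds how long a hijacked TGT stays usable, which is the built-in limit mentioned in the reply.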