Comment 17 for bug 676525

Revision history for this message
DG Turner (d-turner) wrote :

Kerberos' purpose is authentication. More verbosely, using kerberos as the primary authentication method should ensure that the presented credentials do in fact belong to the user presenting them (whether that is a real user or a service is irrelevant).

To force the impersonation of credentials to perform a mount of a Windows share within the user's home directory is a subversion of the kerberos mechanism, and potentially allows a breach to propagate.

The concerns raised by this behaviour may raise fewer alarm bells for those more accustomed to a *nix environment. When the environment is Windows/Active Directory based, the aforementioned concerns become much more disconcerting. The potential damage caused by the impersonation of a user by root could be catastrophic is the right user were impersonated, which is why several of my systems are configured to send an alert when a chown of any ticket is attempted.

To make matters more interesting (at least for me), the cruid option still fails for me when attempting a mount using kerberos credentials.