Date: Mon, 9 Jul 2007 14:52:35 -0400
From: Andrew Reid
To: Ken Raeburn
CC: 428732@bugs.debian.org, Russ Allbery, krb5-bugs@MIT.EDU
Subject: Re: Bug#428732: [krbdev.mit.edu #5593] kadmin crashes during password changes
Message-ID: <20070709185235.GA29464@smithers.nist.gov>
In-Reply-To: <64F440A7-46B3-45A7-879C-A64E0927CDA3@mit.edu>

On Fri, Jul 06, 2007 at 07:53:46PM -0400, Ken Raeburn wrote:
> This code path requires that the principal in question have a policy
> dictating a minimum time before the password can be changed, and a
> password change made before that time has elapsed. (I should've
> thought of that given the description of changing passwords
> specifically in a short time.) Andrew, does that describe your
> situation? If so, changing src/kadmin/server/misc.c to include
> could fix the problem.

That's some nice shooting, Ken -- making the suggested change
(adding a include) is a fix.

I built a new kadmind binary from the source tree for the -7etch2
version of the Debian package (with helpful instructions, thanks
Russ), and ran it on our server. Now rapid-fire password changes
get a correct response from the server that the minimum password
lifetime has not expired, and the daemon continues to run.

Will there be an "etch" security patch for this for amd64? The
daemon runs as root, so there's a potential exploit opportunity,
and even if there weren't, it's a possible DOS attack.

-- A.

--
Dr. Andrew C. E. Reid, Guest Researcher
Center for Theoretical and Computational Materials Science
National Institute of Standards and Technology, Mail Stop 8910
Gaithersburg MD 20899 USA
andrew.reid@nist.gov