From: jaltman@mit.edu
Subject: SVN Commit

KFW integrated login was failing when the user is not a power user or administrator. This was occurring because the temporary file ccache was being created in a directory the user could not read.

While fixing this it was noticed that the ACLs on the ccache were too broad. Instead of applying a fix to the FILE: krb5_ccache implementation it was decided that simply applying a new set of ACLs (SYSTEM and "user" with no inheritance) to the file immediately after the krb5_cc_initialize() call would close the broadest security issues.

The file is initially created in the SYSTEM %TEMP% directory with "SYSTEM" ACL only. Then it is moved to the user's %TEMP% directory with "SYSTEM" and "user" ACLs. Finally, after copying the credentials to the API: ccache, the file is deleted.

Commit By: jaltman
Revision: 18379
Changed Files:
U trunk/src/windows/kfwlogon/Makefile.in
U trunk/src/windows/kfwlogon/kfwcommon.c
U trunk/src/windows/kfwlogon/kfwcpcc.c
U trunk/src/windows/kfwlogon/kfwlogon.c
U trunk/src/windows/kfwlogon/kfwlogon.h
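
The ACL policy described in the commit message (SYSTEM only at first, then SYSTEM and the user, never inherited) can be checked from a file's SDDL string. The following auditor is an added example, not code from this commit or from the KFW source; the function name, the SDDL samples and the user SID are constructed for illustration, and it assumes simple ACEs without conditional expressions.

```python
import re

SYSTEM = {"SY", "S-1-5-18"}  # SDDL alias and literal SID for LocalSystem

def audit_ccache_dacl(sddl, user_sid=None):
    """Check an SDDL string against the policy in the commit message.

    user_sid=None models the first stage (SYSTEM only); passing the logon
    user's SID models the second stage (SYSTEM and user). Returns a list
    of findings; an empty list means the DACL matches the policy.
    """
    m = re.search(r"D:([A-Z]*)((?:\([^)]*\))*)", sddl)
    if m is None:
        return ["no DACL in descriptor"]
    findings = []
    # The "P" DACL flag marks the DACL as protected: the parent directory's
    # inheritable ACEs are not applied to the file.
    if "P" not in m.group(1):
        findings.append("DACL is not protected from inheritance")
    allowed = SYSTEM | ({user_sid} if user_sid else set())
    seen = set()
    for ace in re.findall(r"\(([^)]*)\)", m.group(2)):
        fields = ace.split(";")  # type;flags;rights;guid;guid;trustee
        if len(fields) < 6:
            findings.append("malformed ACE (" + ace + ")")
            continue
        ace_type, flags, trustee = fields[0], fields[1], fields[5]
        # ACE flags are two-letter tokens; "ID" means the ACE was inherited.
        if "ID" in {flags[i:i + 2] for i in range(0, len(flags), 2)}:
            findings.append("inherited ACE for " + trustee)
        if trustee not in allowed:
            findings.append("unexpected trustee " + trustee)
        elif ace_type == "A":
            seen.add("SYSTEM" if trustee in SYSTEM else "user")
    if "SYSTEM" not in seen:
        findings.append("SYSTEM has no allow ACE")
    if user_sid and "user" not in seen:
        findings.append("user has no allow ACE")
    return findings

# Constructed sample values, not taken from a real system.
USER = "S-1-5-21-1111111111-2222222222-3333333333-1001"
STAGE1 = "O:SYG:SYD:P(A;;FA;;;SY)"
STAGE2 = "O:SYG:SYD:P(A;;FA;;;SY)(A;;FA;;;" + USER + ")"
BROAD = "O:BAG:SYD:AI(A;ID;FA;;;SY)(A;ID;FA;;;BA)(A;ID;0x1200a9;;;BU)"

if __name__ == "__main__":
    for name, sddl, sid in [("stage1", STAGE1, None), ("stage2", STAGE2, USER),
                            ("broad", BROAD, USER)]:
        print(name, audit_ccache_dacl(sddl, sid) or "OK")
```

On Windows the SDDL for a file can be read in PowerShell with `(Get-Acl <path>).Sddl` and passed to the function.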