Subject: | krb5kdc and kadmind could drop privileges after binding |
A Debian user requested that krb5kdc and kadmind support dropping
privileges after binding to network ports and run as a non-root user
with access to the KDC database. This isn't particularly compelling for
sites where the KDC holds the keys to everything anyway, but if one is
using a KDC for a guest realm, for a specific purpose, or in some other
more limited situation, this provides some additional security
protection. It also provides some protection against unsophisticated
attackers who know how to use a root exploit but who don't have the
resources or knowledge to make use of access to the KDC database.
See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=477309 for the
original report.
privileges after binding to network ports and run as a non-root user
with access to the KDC database. This isn't particularly compelling for
sites where the KDC holds the keys to everything anyway, but if one is
using a KDC for a guest realm, for a specific purpose, or in some other
more limited situation, this provides some additional security
protection. It also provides some protection against unsophisticated
attackers who know how to use a root exploit but who don't have the
resources or knowledge to make use of access to the KDC database.
See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=477309 for the
original report.