Simon Ruderich <he29h...@stud.informatik.uni-erlangen.de> writes:

> Any objections against using it as setgid instead of setuid? This
> would work fine as well and prevent serious privilege escalation.

If you compromise the host keytab in most Kerberos environments, you've compromised root anyway, since the attacker can then mint arbitrary service tickets for that host and authenticate to any Kerberos service on that host (such as ssh) as arbitrary users. So I don't think this really helps significantly.

--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>