List:General Discussion« Previous MessageNext Message »
From:Vivek Khera Date:June 30 1999 3:34pm
Subject:Re: login authintication (fwd)
View as plain text  
>>>>> "EC" == Ed Carp <erc@stripped> writes:

>> I do a small change in the mysql for use a kerberos ticket instead of
>> password , in this way you can resolve the security problem from
>> PAM module and DB server ...

EC> Kerberos is inherently insecure, and I think Fred Cohen actually has a
EC> working exploit.  Might want to think about using SSH instead.

I doubt it is _inherenly_ insecure.  I did a lot of research on the
kerberos v4 protocols back in gradual school and the protocols don't
seem to have any major weaknesses.  The implementation may be
insecure, but that's a whole different issue.

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.                Khera Communications, Inc.
Internet: khera@stripped       Rockville, MD       +1-301-545-6996
PGP & MIME spoken here            http://www.kciLink.com/home/khera/
Thread
Re: login authintication (fwd)mailing list mysql30 Jun
  • Re: login authintication (fwd)Ed Carp30 Jun
    • Re: login authintication (fwd)Vivek Khera30 Jun
Re: login authintication (fwd)mailing list mysql2 Jul