Re: GSSAPI

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 18 Jul 2014, at 05:20, Markus Friedl <mfriedl@xxxxxxxxx> wrote:

> 
>> Am 18.07.2014 um 03:01 schrieb Coy Hile <coy.hile@xxxxxxxxxxx>:
>> 
>> What’s your justification for that?
> 
> The amount of extra code involved.


I’m not actually convinced that the attack surface is radically different between userauth and key exchange. In both the GSSAPI calls are being performed in the privileged monitor, and the GSSAPI calls that are used are pretty much identical.

Cheers,

Simon
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev





[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux