[OpenAFS] Re: [OpenAFS-announce] OpenAFS Security Advisory 2007-001:
privilege escalation in Unix-based clients
Jeffrey Altman
jaltman@secure-endpoints.com
Wed, 21 Mar 2007 12:33:52 -0400
Kim Kimball wrote:
> My reading of this says that network traffic from a server can be
> spoofed, in general, since an anonymous user will operate over an
> unauthenticated connection. If so it seems it would be possible to
> place a file in the cache as well as spoof status.
As is true for all network traffic that is not protected against
tampering, it is theoretically possible for a man in the middle to alter
the contents of a data stream.
I hope this is not a surprise to anyone.
Jeffrey Altman
Secure Endpoints Inc.