Comment 29 for bug 1324592

Morgan Fainberg (mdrnstm) wrote : Re: Trust scope can be circumvented by chaining trusts

@Tristan,

The OAuth attack scenario is similar to the trust one:

* Trustee creates an OAuth authentication delegation (with elevated privs)
* Re-authenticate with the new OAuth-based delegation.

Alternatively, someone authenticated with an OAuth delegation could:
* Create a trust with elevated privileges
* Re-authenticate with the new trust.

The fixes Adam Young has provided eliminate both of these alternate attack vectors.
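The chaining described in the comment above, as an added illustration that is not Keystone code and not part of the bug thread. It assumes a simplified, hypothetical Keystone-like model: a token carries the roles it is effectively scoped to and a flag marking it as obtained through a trust or OAuth delegation; the "vulnerable" service checks requested roles against the impersonated user's full role set, while the "fixed" service refuses to mint a delegation from a delegated token and bounds roles by the caller's effective roles. The role sets and user names are constructed sample data.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Token:
    """Hypothetical token: who it acts as, the roles it effectively grants,
    and whether it was obtained via a trust or OAuth delegation."""
    user: str
    roles: frozenset
    delegated: bool = False


@dataclass(frozen=True)
class Delegation:
    """A trust or OAuth access delegation: acts as `trustor` with `roles`."""
    kind: str        # "trust" or "oauth"
    trustor: str
    roles: frozenset


class DelegationError(Exception):
    pass


# Constructed sample data: alice is an admin, bob is an ordinary member.
USER_ROLES = {
    "alice": frozenset({"admin", "member"}),
    "bob": frozenset({"member"}),
}


def create_delegation_vulnerable(caller: Token, kind: str, roles) -> Delegation:
    """Vulnerable: requested roles are validated against the full role set of
    the user the caller's token acts as. A trust-scoped token acts as the
    trustor, so it can request roles the trust never granted."""
    roles = frozenset(roles)
    if not roles <= USER_ROLES[caller.user]:
        raise DelegationError("trustor lacks requested roles")
    return Delegation(kind, caller.user, roles)


def create_delegation_fixed(caller: Token, kind: str, roles) -> Delegation:
    """Fixed: a token obtained via a delegation may not create another one
    (no chaining), and roles may never exceed the caller's effective roles."""
    if caller.delegated:
        raise DelegationError(f"{kind} creation not allowed with a delegated token")
    roles = frozenset(roles)
    if not roles <= caller.roles:
        raise DelegationError("requested roles exceed caller's effective roles")
    return Delegation(kind, caller.user, roles)


def authenticate_with(delegation: Delegation, trustee: str) -> Token:
    """Token issued when `trustee` authenticates with the delegation: it acts
    as the trustor, scoped to the delegated roles, and is marked delegated."""
    return Token(user=delegation.trustor, roles=delegation.roles, delegated=True)


def chain_attack(create, first_kind: str, second_kind: str) -> frozenset:
    """alice delegates only 'member' to bob via `first_kind`; bob then uses
    the resulting token to mint a `second_kind` delegation with 'admin' and
    re-authenticates. Returns the roles bob ends up holding as alice."""
    alice = Token("alice", USER_ROLES["alice"])
    first = create(alice, first_kind, {"member"})
    bob_as_alice = authenticate_with(first, "bob")            # delegated token
    second = create(bob_as_alice, second_kind, {"admin", "member"})
    return authenticate_with(second, "bob").roles


if __name__ == "__main__":
    # Both orders from the comment: trust -> OAuth and OAuth -> trust.
    for a, b in (("trust", "oauth"), ("oauth", "trust")):
        print(a, "->", b, "vulnerable:", sorted(chain_attack(create_delegation_vulnerable, a, b)))
        try:
            chain_attack(create_delegation_fixed, a, b)
        except DelegationError as e:
            print(a, "->", b, "fixed:", e)
```

The escalation step is the second `create` call: under the vulnerable check bob, holding a token that acts as alice but is scoped to `member`, obtains `admin`; under the fixed check the call is rejected before any roles are compared, and a direct, non-chained trust from alice still works.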