Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
rkerberos
- 0.1.5
- Rubygems
Description
The rkerberos library provides a Ruby interface for Kerberos.
Requirements
Kerberos 1.7.0 or later, including admin header and library files.
OS X (10.11)
krb5 must be installed from source before installing the rkerberos gem:
brew install openssl
curl -0 http://web.mit.edu/kerberos/dist/krb5/1.14/krb5-1.14.tar.gz
tar -xzf krb5-1.14.tar.gz
cd krb5-1.14/src
export CPPFLAGS='-I/usr/local/opt/openssl/include'
export LDFLAGS='-L/usr/local/opt/openssl/lib'
./configure
make
make install
latest release is here: http://web.mit.edu/kerberos/dist/index.html
Synopsis
require 'rkerberos'
# Get the default realm name
krb5 = Kerberos::Krb5.new
puts krb5.default_realm
krb5.close
# Get the default keytab name
keytab = Kerberos::Krb5::Keytab.new
puts keytab.default_name
keytab.close
# Set the password for a given principal
kadm5 = Kerberos::Kadm5.new(:principal => 'foo/admin', :password => 'xxxx')
kadm5.set_password('someuser', 'abc123')
kadm5.close
# Using the block form
Kerberos::Kadm5.new(:principal => 'foo/admin', :password => 'xxxx') do |kadm5|
p kadm5.get_principal('someuser')
kadm5.set_password('someuser', 'abc123')
end
Notes
The rkerberos library is a repackaging of my custom branch of the krb5_auth library. Eventually the gem djberg96-krb5_auth will be removed from the gem index.
MIT vs Heimdal
This code was written for the MIT Kerberos library. It has not been tested with the Heimdal Kerberos library.
TODO
- Create a separate class for the replay cache.
- Better credentials cache support.
- Ability to add and delete keytab entries.
Authors
- Daniel Berger
- Dominic Cleal (maintainer)
- Simon Levermann (maintainer)
License
rkerberos is distributed under the Artistic 2.0 license.
FAQs
Unknown package
We found that rkerberos demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 17 Oct 2016
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024