There is also a (desire/need) to be able to integrate this with something
like IPSec...
In some Kerberos situations:
1. authentication can be based on simple name/password
2. authentication can be based on name/password/smart card
Some sites may accept #1 or #2. Other sites may only accept #2. (both are
related to the same realm, or cross realm operation).
> Technical thoughts follow below.
>
[Big snip]
Much of this can/should be handled outside the Kernel, PROVIDED, the kernel
can make a unique link between a process and the external security structure,
and provide communication paths between the service<=>kernel<=>app-server
("the service" is the security database server and "app-server" may be the
daemon granting login capability).
This way "the service" may make out-of-band remote requests for additional
authentication handling (translating remote credentials into local
credentials type of thing).
It is VERY possible that a user may have been granted certain LOCAL privileges
provided the user is NOT utilizing unsecured networks. Or just making access
requests from unapproved locations... and still be permitted to make other
connections.
Assuming transitive privilege handling is NOT your friend (i.e. undesired
remote connection -> trusted host -> privileged access on third host).
This is slightly off the AFS line, but is spot on the "security services" that
are beginning to be discussed.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/