I was wondering if it's possible (or has been done) to "kerberize" the
linux kernel so that as every process is instantiated the user is first
authenticated by a kerberos KDC. I want to authenticate thousands of
users before they launch any program, even programs like /bin/ls,
without recompiling/relinking or manually "kerberizing" a single
existing program. is this possible?
I can see generating a default principal for each user based on their
UID and a default realm. I envision giving a module a list of
directories that contain executable programs that require authentication
to run. Seems possible, has anybody done this?
I don't know anything about writing a kernel module or other kernel
hacking, but i'm up for it!
Also I think this might violate some "crypto in the kernel" rules -- I
poked around the international kernel patch for a while, but didn't find
anything.
Cheers,
Curt
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/