[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gomd-devel] Post-beta Authentication roundup

From: Matthias Rechenburg
Subject: Re: [gomd-devel] Post-beta Authentication roundup
Date: Wed, 1 Oct 2003 00:41:43 +0200
User-agent: KMail/1.4.3

Hi Roeles,

in short ;)  i like your approach ....... and i hope that i does not make 
it too complicated. We need to discuss it alltogether in a chat session
i guess to find the right solution for the gomd.

On Dienstag 30 September 2003 21:22, address@hidden wrote:
> Hi,
> I did some thinking (again) on the authentication stuff...and got to a
> conclusion (always nice :) Any remarks/questions/emotions are off course
> welcome.
> The situation:
> - Gomd listens on 2 ports. 1 port for SSL connection and 1 port for
> plain/text connections.
> - When a client connects on the SSL port, gomd sends a random string (after
> receiving the username) encrypted by a form of the users' password to the
> client. The client will decrypt this string with the user-specified
> password and sends the (unencrypted) string back. When authentication is
> successfull, the newly created gomd thread will run under the UID of the
> just logged on user.
> - When a client connects to the plain/text port, gomd will not ask for any
> user/pass, but will instantly create the new thread. This thread will run
> as user nobody.

mmhmm, all gomd's should run as root too my mind 
sorry for this security flaw ;)) but it shoudl be able to execute
administrative commands as root.
Maybe we just need to auth just one user for the gomd -> root ..... ? 

> Some things to notice:
> - Gomd grabs user/pass info internally using PAM. This will add huge
> flexibility imho
> - Hyjacked connections will have rights of user 'nobody' (since SSL
> hyjacking is not done)

;) let us try to hack the gomd, ok ?
We can make a small contest out of it and see where our 
most serious problems are  ;)) 
What do you think ?  should be funny, eh ?

> - the user's password will _not_ be stored/sent plaintext.
> - authentication will use some kind of private/public keypair encryption.
> how this works exactly we'll have to find out.
> - Command execution can be limited due to rights.
> NOTICE: We'll have to think about gomd2gomd and users. But that's for later
> concern and not a great matter since a cluster is already considered
> unsecure imho


> cheers,
> Roel "roeles" Baardman
> P.s. please read this very good to avoid misunderstandings. I'll be on the
> gomd channel to answer all questions. Also, you can mail me at this
> address.

have a good night,

E-mail  :  address@hidden
www     : http://www.openmosixview.com
an openMosix-cluster management GUI

for X in $(seq 1 50); do (cat /dev/zero |netcat localhost 9 &); done

reply via email to

[Prev in Thread] Current Thread [Next in Thread]