[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: trust [was Re: Open Xlock as root]



> The type of trust we've talked about here are those surrounding the idea
> that we trust a data stream to faithfully represent the intentions of a
> real user. Are there any other applications of trusted path?

if i follow you correctly, i am having to do *exactly* this right now in
samba.

the current code i am writing is nasty as hell.

i have a working "redirector" (or relay) that revolves around unix
sockets.  i have an SMB port 139 redirector working and a UDP NetBIOS 137
redirector working.  i also have used the redirector to split SMB
transfers off at an appropriate point (MSRPC) to separate daemons.

i currently have the unenviable problem of having to feed unix and nt
security credentials down the pipe in the initial setup stage.  the unix
credentials are of course "user name", and the nt credentials are of
course "user name, domain name, workstation name, user session key". let's
forget about unix uid, gid, groups and nt sid and security descriptor for
now: you can always resolve and therefore always re-resolve those from the
unix user creds and the nt user creds, respectively.

more about the "redirector": it is based on ideas in ssh-agent, but
instead of just grabbing credentials (i think that's all ssh-agent does),
you have to send credentials, which are used to set up the
proxy/redirector/relay connection, and then anything that is sent on the
socket will be sent to a process that has been able to setuid (etrc) to
the same uid (etc) as the user that you wished to emulate from the other
side of the socket.

that's the theory, anyway!

does this fit the bill, andrew?

luke



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []