Host based authentication
Peter Staubach
staubach at redhat.com
Fri Apr 20 12:00:14 EDT 2007
J. Bruce Fields wrote:
> On Fri, Apr 20, 2007 at 11:05:38AM -0400, Steve Gaarder wrote:
>
>> On Thu, 19 Apr 2007, Brent Callaghan wrote:
>>
>>> Yes, stronger host-based security would be useful and might avoid some
>>> of the overhead in administering Kerberos.
>>>
>>> But the most common complaint about NFS security relates to home
>>> directories, and host-based security does nothing to prevent one
>>> student messing with another student's (or staff member's) home
>>> directory via the "su" command.
>>>
>> A very useful adjunct to better auth-sys security would be a way to squash
>> all users on a given machine to nobody except for one (or a few) selected
>> users. I'd like to have it even with current auth-sys.
>>
>
> People have asked for that before. I think it's just a question of
> having someone sufficiently motivated to write the patches and then work
> with everybody to iron out any problems.
>
> If everyone were happy with a squashing scheme that required very little
> data to describe (like, squash everyone with a uid higher than N), then
> it might be possible to just add an export option. If people want to
> squash all but some arbitrary set of ids, or remap ids in some more
> complicated way, then we need to add a new mechanism by which the kernel
> can query a daemon for the mapping, etc. (probably using another server
> cache thing--see net/sunrpc/cache.c).
>
> The squashing is done in fs/nfsd/auth.c:nfsd_setuser(), which is where
> any new mechanism would need to hook in.
This sort of support would make companies, who have administrative domains
with overlapping uids and gids, very happy. They've been asking for a way
to do uid/gid mapping for quite a while now. We've always put them off by
suggesting they use Kerberos, which solves the immediate problem, while
introducing a whole host of others, mainly deploying and maintaining
Kerberos realms.
Thanx...
ps
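The squashing schemes discussed in this thread (root_squash/all_squash as they exist today, plus the proposed "squash every uid above N" and "squash all but a selected set of users"), as an added example in C. This is not code from the thread or from fs/nfsd; the struct and function names are hypothetical and the credentials are constructed input.

```c
/* Added example, not code from the thread or from fs/nfsd: a userspace model
 * of the squashing policies discussed above (names are hypothetical). */
#include <stdbool.h>
#include <stddef.h>
#include <sys/types.h>

#define NOBODY_ID 65534u

/* AUTH_SYS credential as presented by the client (constructed input). */
struct cred { uid_t uid; gid_t gid; size_t ngroups; };

/* Export policy: existing root_squash/all_squash, plus the two proposals
 * from the thread: squash every uid above N, or all but an allow-list. */
struct export_policy {
    bool root_squash, all_squash;
    bool use_threshold; uid_t max_unsquashed_uid;   /* "uid higher than N" */
    const uid_t *allow; size_t nallow;              /* NULL when unused */
};

static bool uid_allowed(const struct export_policy *p, uid_t uid)
{
    for (size_t i = 0; i < p->nallow; i++)
        if (p->allow[i] == uid)
            return true;
    return false;
}

/* Decide whether this credential gets squashed under the policy. */
bool must_squash(const struct export_policy *p, const struct cred *c)
{
    if (p->all_squash) return true;
    if (p->root_squash && c->uid == 0) return true;
    if (p->use_threshold && c->uid > p->max_unsquashed_uid) return true;
    if (p->allow && !uid_allowed(p, c->uid)) return true;
    return false;
}

/* Rewrite the credential in place, as nfsd_setuser() does for the kernel's
 * own squash options. Supplementary groups are dropped as well: leaving
 * them would let a squashed user keep group-granted access. */
void apply_squash(const struct export_policy *p, struct cred *c)
{
    if (!must_squash(p, c))
        return;
    c->uid = NOBODY_ID;
    c->gid = NOBODY_ID;
    c->ngroups = 0;
}
```

The threshold and allow-list policies are evaluated per request, which is the property that lets one machine's users be squashed to nobody while a few selected accounts keep their identity.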