I am currently pursuing my Masters degree in Computer Science at the University of Illinois at Chicago. Check out my Home Page
I have implemented a Plan 9 style Capability Device for the Linux Kernel. Check out the code for the kernel module in the hg repository at hg. I hope to submit the patch to lkml soon
Check out the paper I have submitted for iwp9 to be held this year at Bell Labs in December.
I am currently working on porting ‘su’ to use the cap device. I am implementing a Linux Pluggable Authentication Module for this. I feel that having a user space application that makes use of the cap device would increase the chances of acceptance in the Linux community.
In the process of porting ‘su’ I am working on porting the Plan 9 authentication server (authsrv and keyfs) to Linux (as part of p9p). You can check out the code in the hg repository here. I have got the following ported to linux and I hope to get them merged with p9p:
- The authentication server - ‘authsrv’ ( Currently this is run through xinetd or the like)
- The key file system - ‘keyfs’
- The ‘changeuser’ utility to add/modify user account information
I am working on writing a PAM module that would interface with the host owner’s factotum and authenticate the user. Once the user is authenticated the capability is written to /dev/capuse by the PAM module after which the user id of the user is changed.