How to authenticate permissions of a local user?

Art Hampton arth@pacsg.css.mot.com
Wed, 16 Jun 1999 11:34:42 -0500


I'm new to this list, so I'm sorry if this turns out to be an issue
which has been frequently discussed on this list.

I was hoping to use GnuPG as an automatic user authentication scheme
between two separate networks.

I was hoping to be able to create an authentication script which, when
run, would take the user's requested command, verify that the user has
permissions to do that operation based on the local network permissions
(for this application, these are simple file permissions), and then sign
the command.

That command would then be sent to the remote network.  After verifying
that the signature was valid, and that the command was something it
supported implementing remotely (in this case, application specific),
the remote network would implement the command.

The problem is the passphrase for the local network authentication
script.  I'm not sure how to get it to GPG without giving it to the
users (which would defeat the whole purpose of the authentication
script).

My initial intent was that I would have a setuid script which would read
in the passphrase from a file which is only readable by the owner of the
authentication script.  It would then fork & exec GPG, redirecting its
stdin & stdout to allow the authentication script to send the passphrase
and the command to be signed.  I now see that GPG is taking its I/O from
the tty instead of stdin/stdout, so I can't do that.

There may very well be a security hole here which I have overlooked if I
was able to pull this off (feel free to point it out if so).

Does anyone have any suggestions?  Alternate solutions?

Thanks in advance for any help.