[Server-devel] Git checkouts for the XS

Martin Langhoff martin.langhoff at gmail.com
Sat Feb 9 13:36:47 EST 2008


On Feb 8, 2008 4:07 PM, John Watlington <wad at laptop.org> wrote:
> >  - trying to understand where the security infrastructure is at, and
> > how can apache of the XS get some identity information from the XO
> > clients, the bitfrost way if possible, kludging it somehow if not...
>
> The school server's current identity model is that a child is
> represented by their laptop. The username is the laptop serial number
> (guaranteed unique), the password is the laptop UUID (large, random,
> and never exposed). Authentications other than disaster recovery use
> a public/private key pair, which is generated when a user first opens
> a laptop.

That's actually quite usable. I'll see if we can expose that somehow,
perhaps along the lines of

 - Exposing an ident-like service on the XO that takes any random
message and replies with a valid signature for it + public key. Or
replies with the UUID, but that would break the "never exposed"
property you mention.

 - A similar sign-this-message challenge scheme that could be
requested by a specially-crafted auth challenge from the webserver.
This will need hacking the browse activity, and perhaps the gecko
core.

> Other IDs include a hash of the public key (IIRC) used by the presence
> (ejabberd) service to represent a user. There is also a nickname,
> which is not guaranteed to be unique within a school but is
> nonetheless used in our UI.

Could we have the ident-style service respond with hash of the pubkey and nick?

> There is no security infrastructure currently. Even SELinux is turned
> off in the interest of making things work. A student could
> theoretically access a school server, but they would have to know to
> use their serial number as the username.

Hmmm. Even if we want them to be able to ssh in for backup purposes,
we can use rssh to lock things down.

cheers,


martin
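
Added example, not part of the original message or of OLPC's code: a Go sketch of the sign-this-message challenge scheme discussed above, in which the XO signs a server-issued nonce bound to a purpose label and the server origin rather than an arbitrary message, and the XS verifies it against the public key registered for the laptop serial number. Ed25519, the label, the origin name and the serial number are assumptions constructed for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// transcript binds a signature to an assumed purpose label, the server origin and the nonce.
func transcript(origin string, nonce []byte) []byte {
	return append([]byte("xs-web-auth-v1|"+origin+"|"), nonce...)
}

// Respond is the XO side: it signs the transcript, never a raw caller-chosen message.
func Respond(priv ed25519.PrivateKey, origin string, nonce []byte) []byte {
	return ed25519.Sign(priv, transcript(origin, nonce))
}

// Server is the XS side: public keys registered per serial number, plus unused nonces.
type Server struct {
	Origin  string
	Keys    map[string]ed25519.PublicKey
	Pending map[string]bool
}

// Challenge issues a fresh 32-byte nonce and remembers it until it is used once.
func (s *Server) Challenge() []byte {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	s.Pending[string(nonce)] = true
	return nonce
}

// Check consumes the nonce (so a replay fails), then verifies against the registered key.
func (s *Server) Check(serial string, nonce, sig []byte) bool {
	fresh := s.Pending[string(nonce)]
	delete(s.Pending, string(nonce))
	pub, known := s.Keys[serial]
	return fresh && known && ed25519.Verify(pub, transcript(s.Origin, nonce), sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // stands in for the XO's key pair
	xs := &Server{Origin: "xs.example", Keys: map[string]ed25519.PublicKey{"SN-CONSTRUCTED-1": pub}, Pending: map[string]bool{}}
	n := xs.Challenge()
	sig := Respond(priv, xs.Origin, n)
	fmt.Println(xs.Check("SN-CONSTRUCTED-1", n, sig), xs.Check("SN-CONSTRUCTED-1", n, sig)) // true false
}
```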