Re: [Gnue-dev] GEAS is dead. Long live GEAS.

[Reinhard Mueller]

Am Die, 2002-03-05 um 22.39 schrieb Rouzer, Charles A (Chuck):
> I would like security and authentication seperated in the white paper.
> 
> Authentication: Multiple backend authentication methods via internal GNUe
> database table, internal database user table, and local system.  An admin
> could config the local system authentication method which would enable GNUe
> to authenticate via PAM, NIS, local passwd file, etc.
> 
> Security: Role Base Access Control (RBAC).  If this method is used, in
> theory, you should be able to tie this into future OSs that also implement
> RBAC.  This has been discussed in the past.  Whether implemented partially
> or fully I believe this is worth looking into as a possible solution.

I see what you're after, and I agree that these points are important.

However, I think that we can (in our definition of the big overall
goals) merge the questions how the user authenticates and the question
how the system decides what to allow the user once he has authenticated
into the single big and important goal that the system must be secure.

I am 100% sure we will come back on viewing these points seperate as
soon as we talk about implementation details.

Thanks,
-- 
Reinhard Mueller
GNU Enterprise project
http://www.gnue.org