PyAuthD Beta 2a

Heiko Wundram heiko.wundram at ceosg.de
Mon May 2 06:58:34 EDT 2005 

PyAuthD - Python Authentication Daemon
--------------------------------------

PyAuthD is a project to create PAM, NSS and PPPd modules which communicate 
with a running Python authentication daemon using a Unix Domain socket. The 
project focusses so far on creating the necessary modules for PAM, NSS and 
PPPd.

As the authentication is done using a single backend daemon, authentication on 
a Unix system can now be done safely and securely through a single process 
which need not even run as root as the metalanguage Python offers shields the 
programmer from handling common mistakes such as buffer-overflows. Choosing 
Python as the language to implement the daemon has other security 
implications which I am working on resolving.

Current Release
---------------

I've released PyAuthD, beta 2a. The project is now available via subversion 
from the following URL:

http://193.174.104.108/svn/repos/tags/PyAuthD-beta2a

or through ViewCVS:

http://193.174.104.108/viewcvs

Beta 2a does not yet implement a single daemon infrastructure, but contains 
(rather) incomplete samples of how to interact with the modules in question. 
These daemons were written with the single purpose to test the modules, and 
may not work with the current state of the modules anymore.

License
-------

PyAuthD and the modules are released under a "New BSD"-style license. You are 
required to keep the copyright intact if you plan on using this code, but 
otherwise are not encumbered in using it except by the common advertising 
clause.

Plans/Bugfixes
--------------

- Create autoconf/automake infrastructure for PyAuthD (looking for volunteers)
- Implement the single signon daemon in a proper way.
- Create Patches for the Python interpreter which cause types to overwrite the 
memory used by an object with zeros after freeing it.
- Security-check the module implementations.
- Implement proper error handling in the NSS get*ent functions when memory 
runs out.
- and much, much more...

Help
----

I'm working on this project with two other people. If you are interested in 
joining us, feel free to mail me, and I can arrange commit priviledges to the 
SVN repository.

Otherwise, I'm looking forward to this thursday, where I'll present the 
project at this years German Linux-User-Groups meeting. Hope to see you 
there!

--- Heiko Wundram.

More information about the Python-list mailing list