[OFFTOPIC] Authentication (was Re: Is there any way...

Peter Moulder (reiter@netspace.net.au)
26 Feb 1998 10:43:00 +1100

Sergei Viznyuk <sergei@phystech.com> writes:

> I need to generate some unique number or string
> based on real user ID of the process, so
> that
> 1. the number is independent of OS version
> 2. reproducible
> 3. other user ID would not be able to generate
> the same number even if he got a hold on
> a source code

(Your question is not specified very clearly, so it's hard to give a
good answer.)

Not easily. There needs to be some secret that the other user can't
access. E.g. a PGP private key.

As regards 3, you need to consider why bad user can't just copy the
response given by genuine user.

One way is just to make sure that the bad user never sees the response
that the genuine user makes.

If that's not possible then you can issue a random string and have
that user encrypt it using their private key. 3 would be guaranteed
insofar as the same string is never issued twice.

You don't need to use PGP, btw. You could just use md5sum in
combination with some secret file (touch secret; chmod 0400 secret; dd
if=/dev/random count=1 of=secret), where the string is encrypted
by running md5sum on the concatenation of the issued string and the
secret file.

Alternatively, maybe you want to look at getuid(2) or identd(8).


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu