Hi I do not have a lot of experience with kernels but have been been
thinking of local authentification for a long time. Its just a vaige
idea based on having the kernel authentication actions in the os. The
basis would be a server etc using hardware authentification to see
where commands are comming from. SO say for example a user types in a
password the authentification could distiguish it as comming from the
keybord. Also somthing on a cd would have a authentification allowing
the os to know the command etc came from the cd rom.
Now the strength of this counting on how far the local
authentification is written into the kernel may allow for such things
as a admin button on a file manager that can see if the pass actually
came from the keyboard as apposed from a network or the itnernet. Now
the functioning of this would be that it would be able to distinguish
commands from different locations such as the net or from the users
interfaces. This if implimented properly may make for a very safe
system which may close valnerbility doors by its nature. Also local
authent will possibly distinguish user interfaces from net commands and
print warnings such as a external app etc is trying to access your
computer etc.
Now as a basic system this sounds a bit stupid but if fully
implimented it may make for the safest kernel available that would be
very difficult to exploit and one of the bases of implimenting local
auth will be to block exploit.
Now a local auth may be a server that helps controll info and
hopefully limit or eliminate non authorized actions on a computer.
I am writing this as hurd is still fairly new and this may possibly be writen into the kernel now.
Warmest Regaurds
Tomasz WItko