Binary package “munge” in ubuntu oracular
authentication service to create and validate credentials
MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service
for creating and validating credentials. It allows a process
to authenticate the UID and GID of another local or remote
process within a group of hosts having common users and groups.
These hosts form a security realm that is defined by a shared
cryptographic key.
.
A process creates a credential by requesting one from the local
MUNGE service. The encoded credential contains the UID and GID
of the originating process. This process sends the credential to
another process within the security realm as a means of proving its
identity. The receiving process validates the credential with the
use of its local MUNGE service. The decoded credential provides
the receiving process with a reliable means of ascertaining the
UID and GID of the originating process, and this information can
be used for accounting or access control decisions.
.
Clients can create and validate these credentials without the use
of root privileges, reserved ports, or platform-specific methods.