[BBLISA] Secure, authenticated file serving to untrusted clients

[Ben Eisenbraun]

Howdy,

I'm looking for a file serving method that lets me securely share files out
to clients with untrusted root users.*  I.e. if user home directories are on
a read-write network volume, I want to stop root on a workstation from doing:

rm -rf ~user

or

su - user
rm -rf ~

* Yes, I know that if someone has root on the workstation, then all bets 
are off, since they can trojan kinit to collect passphrases, steal tickets, 
etc.  I'm just trying to raise the bar significantly higher than the
standard NFS level of (in)security.

>From what I understand of NFSv4, if I set it up to use kerberos, then I can
do this, since only a user with a valid kerberos ticket will be able to
access the files on the share.  It seems like a kerberized solution could 
work here, but I'm not sure what protocol to use.

I'm looking for a solution that would work on Linux and OS X.  The NFSv4
support is fairly limited under OS X right now.  Can Samba/CIFS do this?
AFS?  Other?

-ben 

--
in order to create anything, one must first start with something that is 
not the thing being created.                            <phillip j. eby>