A 1 year job is available in a startup from the HSL, WEB design in a security tool environment :
A nice development : a PAM module (linux) for authentication for sudo, based
on validation by other administrators.
Designed for secure systems, all sudo commands (administrators commands) must be validate by a quorum of administrators before execution.
pam_all provide a system of authentification in an administrators group. When an user start a command (via sudo), pam_all puts the user awaiting approval from the other administrators of the group before running the command.
pam_all is based on an encryption system, where each user have his key pair. The command is salted and encrypted with a random AES key (secured by the RSA public key of each user in the group). When an user validate the command with all-validate, command is signed and pam_all return PAM_SUCCESS (when the quorum is reached).
Thanks to Aurelien Rausch (aurel at aurel-r.fr)