Basicallly, the gram_gatekeeper is roughly the same as telnetd or
rlogind.  It needs to authenticate a particular user, and then
fork/su/exec a process for that user.


Pieces of code that you might want to review prior to deploying as
root.

Core gram code:
        gram/service/gram_gatekeeper.c
 
Simple wrappers around GSSAPI calls:
        gram/service/grami_ggg_accept.c
 
GSSAPI implementation using cleartext passwords:
        gssapi_cleartext
 
 
gssapi_cleartext/design-notes describes what GSSAPI is doing, and how to use it.
 
