KEYRING:persistent and ssh
Simo Sorce
simo at redhat.com
Wed Sep 28 13:01:49 EDT 2016
On Wed, 2016-09-28 at 11:43 -0400, Ken Hornstein wrote:
> >Storing: Simply on a ram filesystem and use ACLS to tackle it down to
> >the list of users who need it. This is pretty much what KEYRING does,
> >with a custom nonstandard api.
>
> FWIW, we are going to KEYRING everywhere; the semantics for what you
> want in terms of a credential cache store are almost perfect. What you
> DON'T want to do is store credentials on a filesystem (be it in RAM or
> on spinning disk); been there, done that. As for the leaking of information
> across chroot/Docker containers ... I'm trying to imagine how that would
> be an actual security problem in practice. I could be proven wrong, of
> course, but I'd like to see some more concrete risks here.
It becomes a potential security issue if you run containers as root, but
nobody is doing that in production, right ? Because if you do, the
keyring issue is not the major problem here.
Besides there are various part of the kernel that depends on the keyring
now, disabling it is going to cause hard to diagnose issues or limit the
features you can use.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Kerberos
mailing list