ccache using linux keyring

Matt Crawford crawdad at
Thu Apr 14 10:32:32 EDT 2005

I don't know anything about the Linux keyring, but I'd like to see a 
kernel credential cache which by default can only be accessed by 
processes descended from the one that created it, or (optionally) 
descended from the parent of that process, like the AFS token cache is 
after setpag().  This would add some resistance against a user-level 
breakin propagating to everywhere the credentials are authorized.

More information about the krbdev mailing list