[PATCH 2/2] KEYS: Add per-user_namespace registers for persistent per-UID kerberos caches

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Aug 1 13:54:20 EDT 2013

On 08/01/2013 01:39 PM, David Howells wrote:
> The uid is -1 or the user's own UID for the user's own cache or the uid of some
> other user's cache (requires CAP_SETUID).  This permits rpc.gssd or whatever to
> mess with the cache.

Is the goal here eventually to be able to avoid the upcall to rpc.gssd
entirely?  It seems a little bit roundabout to have the kernel call up
into userspace for the credentials, only to talk to a process which then
calls back into the kernel for something that the kernel has already
well-defined internally.

It seems like a non-privileged user could use this to store arbitrary
data in this keyring as a way of hiding what would otherwise be
filesystem activity or using it for some sort of odd/sneaky IPC
mechanism.  Is this an intentional side effect?

Sorry if these are obvious questions.  feel free to point me to
already-documented answers if they exist.

Thanks for all your work on this!



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20130801/690142a1/attachment.bin

More information about the krbdev mailing list