[PATCH 2/2] KEYS: Add per-user_namespace registers for persistent per-UID kerberos caches

David Howells dhowells at redhat.com
Fri Aug 2 13:00:30 EDT 2013

Eric W. Biederman <ebiederm at xmission.com> wrote:

> > Add support for per-user_namespace registers of persistent per-UID kerberos
> > caches held within the kernel.
> Out of curiosity is this cache per user namspace because the key lookup
> is per user namespace?

Yes.  You can't see keys in another namespace.  I occasionally wonder if I
should make the key serial number tree per namespace so that you don't search
keys outside your namespace and can't try looking them up by ID - but it
complicates the garbage collector which iterates over the entire tree (though
it could maintain a list of per-ns trees).

> Some minor nits below. But I don't see anything particulary scary about
> this patch.  Other than seeming to make it easy for root to get my
> kerbose tickets.

Root can do that anyway with file-based ccaches, I believe.  However, you can
change the key permissions to prevent root even seeing that your keys/keyrings
exist, let alone stealing them.

More information about the krbdev mailing list