[PATCH 2/2] KEYS: Add per-user_namespace registers for persistent per-UID kerberos caches
David Howells
dhowells at redhat.com
Fri Aug 2 13:00:30 EDT 2013
Eric W. Biederman <ebiederm at xmission.com> wrote:
> > Add support for per-user_namespace registers of persistent per-UID kerberos
> > caches held within the kernel.
>
> Out of curiosity is this cache per user namspace because the key lookup
> is per user namespace?
Yes. You can't see keys in another namespace. I occasionally wonder if I
should make the key serial number tree per namespace so that you don't search
keys outside your namespace and can't try looking them up by ID - but it
complicates the garbage collector which iterates over the entire tree (though
it could maintain a list of per-ns trees).
> Some minor nits below. But I don't see anything particulary scary about
> this patch. Other than seeming to make it easy for root to get my
> kerbose tickets.
Root can do that anyway with file-based ccaches, I believe. However, you can
change the key permissions to prevent root even seeing that your keys/keyrings
exist, let alone stealing them.
More information about the krbdev
mailing list