[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+55aFwMXV7wC4jvNZ9wiVyTn9Zio+n-r91jGj1xsT14GZJndw@mail.gmail.com>
Date: Wed, 18 Jul 2018 16:13:45 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: David Howells <dhowells@...hat.com>
Cc: Al Viro <viro@...iv.linux.org.uk>,
Miklos Szeredi <mszeredi@...hat.com>,
Stephen Rothwell <sfr@...b.auug.org.au>,
linux-fsdevel <linux-fsdevel@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [RFC] call_with_creds()
On Wed, Jul 18, 2018 at 2:28 PM David Howells <dhowells@...hat.com> wrote:
>
> Are network filesystems allowed to use f_cred at I/O time to determine the
> authentication/encryption parameters to commune with the server?
Absolutely. file->f_cred is very much "what was my ID at open time".
Of course, you may well have reasons why you actually want to cache
the key itself (and hide it in private_data or similar rather than
look it up, but if looking it up by uid is ok, then file->f_cred is
ok.
And if you check permissions at IO time (again using file->f_cred),
that's ok from a kernel perspective, but it's not really
POSIX-compliant. But obviously a lot of netrwork filesystems aren't
posix-compliant anyway.
Linus
Powered by blists - more mailing lists