lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 9 Jul 2019 18:15:59 -0700 From: Eric Biggers <ebiggers@...nel.org> To: David Howells <dhowells@...hat.com> Cc: keyrings@...r.kernel.org, linux-security-module@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 1/2] KEYS: Replace uid/gid/perm permissions checking with an ACL On Thu, May 23, 2019 at 04:58:27PM +0100, David Howells wrote: > Replace the uid/gid/perm permissions checking on a key with an ACL to allow > the SETATTR and SEARCH permissions to be split. This will also allow a > greater range of subjects to represented. > This patch broke 'keyctl new_session', and hence broke all the fscrypt tests: $ keyctl new_session keyctl_session_to_parent: Permission denied Output of 'keyctl show' is $ keyctl show Session Keyring 605894913 --alswrv 0 0 keyring: _ses 189223103 ----s-rv 0 0 \_ user: invocation_id - Eric
Powered by blists - more mailing lists