[RFC PATCH 0/1] secret: Inhibit shutdown for ephemeral secrets

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I'm kind of convinced that we want to do this, but also it's a
significant change in the behaviour of the daemon, hence RFC prefix.

This stemmed from a discussion with a user who wants us to use something
more secure than base64 encoded secret values stored on a disk. They
suggested storing the values in TPM and while that might sound like a
good idea, I suggested using ephemeral secrets for the time being. Well,
because of '--timeout 120', ephemeral secrets are short lived, indeed.

Meanwhile, let me see if there's a library we could use to talk to TPM.

Michal Prívozník (1):
  secret: Inhibit shutdown for ephemeral secrets

 src/secret/secret_driver.c | 35 +++++++++++++++++++++++++++++++++--
 1 file changed, 33 insertions(+), 2 deletions(-)

-- 
2.38.2




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux