Re: [RFC] call_with_creds()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [RFC] call_with_creds()
From: David Howells <dhowells@xxxxxxxxxx>
Date: Wed, 18 Jul 2018 22:28:44 +0100
Cc: dhowells@xxxxxxxxxx, Al Viro <viro@xxxxxxxxxxxxxxxxxx>, Miklos Szeredi <mszeredi@xxxxxxxxxx>, Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>, linux-fsdevel <linux-fsdevel@xxxxxxxxxxxxxxx>, Linux Kernel Mailing List <linux-kernel@xxxxxxxxxxxxxxx>
In-reply-to: <CA+55aFxh62Yttq-W2Cr_YQQ5tAL1xjijjnaz1-zdZNqZPQFM0g@mail.gmail.com>
Organization: Red Hat UK Ltd. Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SI4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 3798903

Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:

> I explained earlier why it's wrong and fragile, and why it can just
> cause the *reverse* security problem if you do it wrong. So now you
> take a subtle bug, and make it even more subtle, and encourage people
> to do this known-broken model of using creds at IO time.

Are network filesystems allowed to use f_cred at I/O time to determine the
authentication/encryption parameters to commune with the server?

David

Follow-Ups:
- Re: [RFC] call_with_creds()
  - From: Linus Torvalds

References:
- Re: [RFC] call_with_creds()
  - From: Linus Torvalds
- Re: [RFC][PATCH 01/42] drm_mode_create_lease_ioctl(): fix open-coded filp_clone_open()
  - From: Al Viro
- Re: [RFC][PATCH 01/42] drm_mode_create_lease_ioctl(): fix open-coded filp_clone_open()
  - From: Al Viro
- Re: [RFC][PATCH 01/42] drm_mode_create_lease_ioctl(): fix open-coded filp_clone_open()
  - From: Linus Torvalds
- vfs / overlayfs conflict resolution for linux-next
  - From: Al Viro
- Re: vfs / overlayfs conflict resolution for linux-next
  - From: Al Viro
- Re: vfs / overlayfs conflict resolution for linux-next
  - From: Stephen Rothwell
- Re: vfs / overlayfs conflict resolution for linux-next
  - From: Miklos Szeredi
- Re: vfs / overlayfs conflict resolution for linux-next
  - From: Miklos Szeredi
- Re: vfs / overlayfs conflict resolution for linux-next
  - From: Al Viro
- Re: vfs / overlayfs conflict resolution for linux-next
  - From: Miklos Szeredi
- [RFC] call_with_creds()
  - From: Al Viro

Prev by Date: Re: [RFC] call_with_creds()
Next by Date: Getting rid of the usage of write() -- was Re: [PATCH 00/32] VFS: Introduce filesystem context [ver #9]
Previous by thread: Re: [RFC] call_with_creds()
Next by thread: Re: [RFC] call_with_creds()
Index(es):
- Date
- Thread

[Index of Archives] [Linux Ext4 Filesystem] [Union Filesystem] [Filesystem Testing] [Ceph Users] [Ecryptfs] [AutoFS] [Kernel Newbies] [Share Photos] [Security] [Netfilter] [Bugtraq] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux Cachefs] [Reiser Filesystem] [Linux RAID] [Samba] [Device Mapper] [CEPH Development]