Re: [PATCH 1/2] KEYS: Replace uid/gid/perm permissions checking with an ACL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, May 23, 2019 at 04:58:27PM +0100, David Howells wrote:
> Replace the uid/gid/perm permissions checking on a key with an ACL to allow
> the SETATTR and SEARCH permissions to be split.  This will also allow a
> greater range of subjects to represented.
> 

This patch broke 'keyctl new_session', and hence broke all the fscrypt tests:

$ keyctl new_session
keyctl_session_to_parent: Permission denied

Output of 'keyctl show' is

$ keyctl show
Session Keyring
 605894913 --alswrv      0     0  keyring: _ses
 189223103 ----s-rv      0     0   \_ user: invocation_id

- Eric



[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux