LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Andrew Morton <akpm@linux-foundation.org>
To: David Howells <dhowells@redhat.com>
Cc: torvalds@linux-foundation.org, linux-kernel@vger.kernel.org,
dhowells@redhat.com
Subject: Re: [PATCH 2/4] KEYS: Check starting keyring as part of search
Date: Tue, 12 Feb 2008 15:47:49 -0800 [thread overview]
Message-ID: <20080212154749.de96c277.akpm@linux-foundation.org> (raw)
In-Reply-To: <20080208160429.14436.88582.stgit@warthog.procyon.org.uk>
On Fri, 08 Feb 2008 16:04:29 +0000
David Howells <dhowells@redhat.com> wrote:
> Check the starting keyring as part of the search to (a) see if that is what
> we're searching for, and (b) to check it is still valid for searching.
>
> The scenario: User in process A does things that cause things to be
> created in its process session keyring. The user then does an su to
> another user and starts a new process, B. The two processes now
> share the same process session keyring.
>
> Process B does an NFS access which results in an upcall to gssd.
> When gssd attempts to instantiate the context key (to be linked
> into the process session keyring), it is denied access even though it
> has an authorization key.
>
> The order of calls is:
>
> keyctl_instantiate_key()
> lookup_user_key() (the default: case)
> search_process_keyrings(current)
> search_process_keyrings(rka->context) (recursive call)
> keyring_search_aux()
>
> keyring_search_aux() verifies the keys and keyrings underneath the
> top-level keyring it is given, but that top-level keyring is neither
> fully validated nor checked to see if it is the thing being searched for.
>
> This patch changes keyring_search_aux() to:
> 1) do more validation on the top keyring it is given and
> 2) check whether that top-level keyring is the thing being searched for
>
> ...
>
> + (keyring->expiry && now.tv_sec >= keyring->expiry))
time_after()?
next prev parent reply other threads:[~2008-02-12 23:48 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-02-08 16:04 [PATCH 1/4] KEYS: Increase the payload size when instantiating a key David Howells
2008-02-08 16:04 ` [PATCH 2/4] KEYS: Check starting keyring as part of search David Howells
2008-02-12 23:47 ` Andrew Morton [this message]
2008-02-13 12:35 ` David Howells
2008-02-08 16:04 ` [PATCH 3/4] KEYS: Allow the callout data to be passed as a blob rather than a string David Howells
2008-02-08 16:04 ` [PATCH 4/4] KEYS: Add keyctl function to get a security label David Howells
2008-02-12 23:51 ` Andrew Morton
2008-02-13 12:38 ` David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080212154749.de96c277.akpm@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=dhowells@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--subject='Re: [PATCH 2/4] KEYS: Check starting keyring as part of search' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).