From: David Howells
To: Kyle Moffett
Cc: Blair Strang, Linus Torvalds, lkml
Subject: Re: In-kernel Authentication Tokens (PAGs)
Date: Wed, 16 Jun 2004 15:49:15 +0100
Message-ID: <10430.1087397355@redhat.com>
References: <1087282990.13680.13.camel@lade.trondhjem.org> <772741DF-BC19-11D8-888F-000393ACC76E@mac.com> <1087080664.4683.8.camel@lade.trondhjem.org> <1087084736.4683.17.camel@lade.trondhjem.org> <87smcxqqa2.fsf@asterisk.co.nz> <8666.1087292194@redhat.com>
X-Mailing-List: linux-kernel@vger.kernel.org

> One other thing that I'm not certain about in this patch is if there
> is actually an important difference between "process" and
> "session" key-rings. I believe that the "session" distinction
> should be left up to user-space software like PAM to determine
> which key-ring "session" a process should belong to.

Well, userspace can decide that a process should begin a new session. I'd envision this as a user gets a session keyring for each login, and so is able to use these to hold different sets of credentials that don't interfere with each other. A UID keyring would be too pervasive - a key in there would affect _every_ process owned by that user - which might be undesirable.
A process keyring wouldn't be pervasive enough. You couldn't, for example, run aklog in your shell to get you an AFS token attached to the session, use that token several times by running programs and then quit the shell to dispose of the token. Each process wanting the token would have to get itself a new token by contacting the Kerberos server.

> The user and group key-rings are a good idea, so I guess the order with
> which key-rings are checked for keys is:
> Thread
> Process
> Session???
> User
> Group

That's about it, yes. Group keyrings don't currently actually exist.

David
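The search order and the session-versus-process-versus-UID argument above can be made concrete with a small model. The following is an added example, not code from the kernel or from anyone in this thread; it assumes a simplified keyring model in which every process carries thread and process keyrings, shares a session keyring with the login it belongs to, and shares a user keyring with every other process of the same UID, and in which `fork()` passes on the session keyring but starts the child with empty thread and process keyrings. `Realm`, `login`, `afs_token_scenario` and the key descriptions are constructed for the example. Group keyrings are included in the search order only because the thread lists them; as the reply says, none exist, so that level never matches here.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

# Search order as given in the thread; the first keyring holding the key wins.
SEARCH_ORDER = ("thread", "process", "session", "user", "group")


@dataclass
class Keyring:
    name: str
    keys: Dict[str, str] = field(default_factory=dict)  # description -> payload


@dataclass
class Process:
    pid: int
    uid: int
    gid: int
    session: Keyring   # shared by every process of the same login session
    thread: Keyring    # private to this process (model treats thread == process here)
    process: Keyring   # private to this process, not inherited by children


class Realm:
    """Constructed stand-in for the kernel's keyring bookkeeping (hypothetical)."""

    def __init__(self) -> None:
        self.user_keyrings: Dict[int, Keyring] = {}
        self.group_keyrings: Dict[int, Keyring] = {}  # never populated: none exist yet
        self.next_pid = 1

    def _spawn(self, uid: int, gid: int, session: Keyring) -> Process:
        pid, self.next_pid = self.next_pid, self.next_pid + 1
        return Process(pid, uid, gid, session,
                       Keyring(f"_tid.{pid}"), Keyring(f"_pid.{pid}"))

    def login(self, uid: int, gid: int = 100) -> Process:
        """A new login (what PAM would do): fresh session keyring, shared user keyring."""
        self.user_keyrings.setdefault(uid, Keyring(f"_uid.{uid}"))
        return self._spawn(uid, gid, Keyring(f"_ses.{self.next_pid}"))

    def fork(self, parent: Process) -> Process:
        """Child keeps the parent's session keyring but gets empty thread/process rings."""
        return self._spawn(parent.uid, parent.gid, parent.session)

    def logout(self, proc: Process) -> None:
        """The session ends: whatever was attached to its keyring is discarded."""
        proc.session.keys.clear()

    def rings(self, proc: Process) -> Dict[str, Optional[Keyring]]:
        return {
            "thread": proc.thread,
            "process": proc.process,
            "session": proc.session,
            "user": self.user_keyrings.get(proc.uid),
            "group": self.group_keyrings.get(proc.gid),
        }

    def lookup(self, proc: Process, description: str) -> Optional[Tuple[str, str]]:
        """Walk SEARCH_ORDER; return (level, payload) of the first match, else None."""
        rings = self.rings(proc)
        for level in SEARCH_ORDER:
            ring = rings[level]
            if ring is not None and description in ring.keys:
                return level, ring.keys[description]
        return None


def afs_token_scenario() -> Dict[str, object]:
    """Replay the aklog-in-a-shell scenario from the thread and record each lookup."""
    realm = Realm()
    shell = realm.login(uid=1000)
    shell.session.keys["afs:EXAMPLE.ORG"] = "token-A"   # aklog attaches token to session
    prog = realm.fork(shell)                             # a program run from that shell
    other_login = realm.login(uid=1000)                  # same user, separate login
    results: Dict[str, object] = {
        "child_sees_session_token": realm.lookup(prog, "afs:EXAMPLE.ORG"),
        "other_login_sees_token": realm.lookup(other_login, "afs:EXAMPLE.ORG"),
    }
    # A key in the *process* keyring never reaches a child: not pervasive enough.
    shell.process.keys["afs:PROCESS.ONLY"] = "token-P"
    results["child_sees_process_key"] = realm.lookup(realm.fork(shell), "afs:PROCESS.ONLY")
    # A key in the *UID* keyring is seen by every process of that user: too pervasive.
    realm.user_keyrings[1000].keys["afs:EXAMPLE.ORG"] = "token-U"
    results["other_login_sees_user_key"] = realm.lookup(other_login, "afs:EXAMPLE.ORG")
    # ...while the session key still shadows it for processes of the first shell.
    results["child_after_user_key"] = realm.lookup(prog, "afs:EXAMPLE.ORG")
    # Quitting the shell disposes of the session token; only the UID key remains.
    realm.logout(shell)
    results["child_after_logout"] = realm.lookup(prog, "afs:EXAMPLE.ORG")
    return results


if __name__ == "__main__":
    for name, value in afs_token_scenario().items():
        print(f"{name}: {value}")
```

Running it shows the three granularities side by side: the session token is visible to programs started from the shell and to nothing else, a process-keyring key is invisible even to a child, and a user-keyring key leaks into an unrelated login by the same UID but is shadowed wherever a session-level key of the same description exists.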