Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932104AbVJGIvA (ORCPT ); Fri, 7 Oct 2005 04:51:00 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S932117AbVJGIu7 (ORCPT ); Fri, 7 Oct 2005 04:50:59 -0400 Received: from mx1.redhat.com ([66.187.233.31]:10157 "EHLO mx1.redhat.com") by vger.kernel.org with ESMTP id S932104AbVJGIu7 (ORCPT ); Fri, 7 Oct 2005 04:50:59 -0400 From: David Howells In-Reply-To: References: <29942.1128529714@warthog.cambridge.redhat.com> <20051005211030.GC16352@shell0.pdx.osdl.net> <23333.1128596048@warthog.cambridge.redhat.com> <30209.1128611882@warthog.cambridge.redhat.com> To: James Morris Cc: David Howells , Chris Wright , Andrew Morton , Linus Torvalds , keyrings@linux-nfs.org, linux-kernel@vger.kernel.org, Stephen Smalley , Steve Grubb Subject: Re: [Keyrings] [PATCH] Keys: Add LSM hooks for key management X-Mailer: MH-E 7.84; nmh 1.1; GNU Emacs 22.0.50.1 Date: Fri, 07 Oct 2005 09:50:35 +0100 Message-ID: <21406.1128675035@warthog.cambridge.redhat.com> Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 597 Lines: 16 James Morris wrote: > > The permissions check done on the keyring merely assures that the keyring > > can be modified, not that a new key may or may not actually be created. > > Ok, time to add KEY_CREATE? But to what? It is possible to request or create a key without linking it to anything, at least for kernel services. David - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/