Re: cleaning up keyrings

From: Alan Cox <alan lxorguk ukuu org uk>
To: "Ray Strode" <halfline gmail com>
Cc: Havoc Pennington <hp redhat com>, desktop-devel-list gnome org, David Zeuthen <david fubar dk>
Subject: Re: cleaning up keyrings
Date: Wed, 29 Aug 2007 22:31:51 +0100

On Wed, 29 Aug 2007 16:39:04 -0400
"Ray Strode" <halfline gmail com> wrote:

> Hi,
> 
> On 8/29/07, Alan Cox <alan lxorguk ukuu org uk> wrote:
> > > Are you asking for an unencrypted area that only one application has
> > > read access to?  If so, you might be able to do something like that
> > > with SELinux (or AppArmor?), but I don't think it would be a very
> > > robust solution.
> >
> > The Linux kernel key service can do this for session/user/user+session
> > and other key types, and you can use SELinux labels on it.
> 
> But the kernel keyring isn't persistent across reboots is it?

It provides a mechanism to manage the keys and to use SELinux labels on
them to control access. If you want to save them across reboots then that
would need user space involvement as well. 

Alan

References:
- cleaning up keyrings
  - From: Havoc Pennington
- Re: cleaning up keyrings
  - From: David Zeuthen
- Re: cleaning up keyrings
  - From: Bryan Clark
- Re: cleaning up keyrings
  - From: Ray Strode
- Re: cleaning up keyrings
  - From: Alan Cox
- Re: cleaning up keyrings
  - From: Ray Strode

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]