Re: [PATCH] implement in-kernel keys & keyring management [try #4]

[Kyle Moffett]

One feature that appears to be missing is a key handle or key reference,
essentially a structure for manipulating a key with an additional 
permissions
mask and the ability to be both cloned and revoked.  A clone should have
the same permission mask as the parent, reducible, of course.  When a 
key
reference is revoked it also revokes all cloned references, and their 
clones,
etc.  I guess a clone should be made when passed across a UNIX pipe, as
well as when passed to a child process.  That way I can give some daemon
a key handle to do work for me, then revoke the daemon's handle only, 
not
all the other handles I may have, when I'm done with it.

Cheers,
Kyle Moffett

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM/CS/IT/U d- s++: a17 C++++>$ UB/L/X/*++++(+)>$ P+++(++++)>$
L++++(+++) E W++(+) N+++(++) o? K? w--- O? M++ V? PS+() PE+(-) Y+
PGP+++ t+(+++) 5 X R? tv-(--) b++++(++) DI+ D+ G e->++++$ h!*()>++$ r  
!y?(-)
------END GEEK CODE BLOCK------


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/