[17374] in Kerberos_V5_Development
Re: GSSAPI Proxy initiative
daemon@ATHENA.MIT.EDU (Nico Williams)
Thu Nov 3 16:53:18 2011
MIME-Version: 1.0
In-Reply-To: <1320352784.18396.109.camel@lade.trondhjem.org>
Date: Thu, 3 Nov 2011 15:53:12 -0500
Message-ID: <CAK3OfOj5P36Z=mD4jo23kkWhzrqXEUU19Q1gDPZ0j=KiDvD1Sw@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Trond Myklebust <Trond.Myklebust@netapp.com>
Cc: dhowells <dhowells@redhat.com>, linux-nfs@vger.kernel.org,
krbdev <krbdev@mit.edu>, Simo Sorce <simo@redhat.com>
Content-Type: text/plain; charset="utf-8"
Errors-To: krbdev-bounces@mit.edu
Content-Transfer-Encoding: 8bit
On Thu, Nov 3, 2011 at 3:39 PM, Trond Myklebust
<Trond.Myklebust@netapp.com> wrote:
>> What I had in mind was something like PAGs or keyrings. Or, to be
>> much more specific, search for my name and the string "credentials
>> process groups" -- a PAG on steroids.
>>
>> The idea is that the IPC peer can observe the other's
>> PAG/keyring/CPG/whatever and use that to find the correct credentials
>> (authorization is still required though).
>
> Linux already has per-user, per-process and per-thread keyrings which
> offer a high security storage solution for keys. The problem with those
> is that they are difficult to use in an asynchronous context when the
> original user's process/thread context is no longer available to us.
For async IPC methods you'd want something like SCM_CREDENTIALS to
give you the keyring/PAG/whatever information you need abou thte peer.
The ancillary data should be complete enough that you can past the
client process/thread being dead, although it's nice to not have to
process a request from a dead entity...
For sync IPC you need something like door_ucred(). And for sync IPC
you can make sure to get SIGCANCEL or equivalent when the client gets
canceled (this is the default in doors).
> Ideally, though, that's what we'd like to see used.
Agreed!
Nico
--
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
