linux-stable-rt/security
David Howells 9156235b34 KEYS: Authorise keyctl_set_timeout() on a key if we have its authorisation key
Authorise a process to perform keyctl_set_timeout() on an uninstantiated key if
that process has the authorisation key for it.

This allows the instantiator to set the timeout on a key it is instantiating -
provided it does it before instantiating the key.

For instance, the test upcall script provided with the keyutils package could
be modified to set the expiry to an hour hence before instantiating the key:

	[/usr/share/keyutils/request-key-debug.sh]
	 if [ "$3" != "neg" ]
	 then
	+    keyctl timeout $1 3600
	     keyctl instantiate $1 "Debug $3" $4 || exit 1
	 else

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
2010-08-02 15:34:27 +10:00
..
integrity/ima kref: remove kref_set 2010-05-21 09:37:29 -07:00
keys KEYS: Authorise keyctl_set_timeout() on a key if we have its authorisation key 2010-08-02 15:34:27 +10:00
selinux selinux: remove all rcu head initializations 2010-08-02 15:33:35 +10:00
smack smack: opt_dentry is never null in in smack_d_instantiate() 2010-08-02 15:33:39 +10:00
tomoyo TOMOYO: Update profile structure. 2010-08-02 15:33:43 +10:00
Kconfig
Makefile
capability.c LSM: Remove unused arguments from security_path_truncate(). 2010-08-02 15:33:40 +10:00
commoncap.c
device_cgroup.c
inode.c
lsm_audit.c
min_addr.c
security.c LSM: Remove unused arguments from security_path_truncate(). 2010-08-02 15:33:40 +10:00