linux-hardened/security/keys
David Howells cab8eb594e [PATCH] keys: Discard duplicate keys from a keyring on link
Cause any links within a keyring to keys that match a key to be linked into
that keyring to be discarded as a link to the new key is added.  The match is
contingent on the type and description strings being the same.

This permits requests, adds and searches to displace negative, expired,
revoked and dead keys easily.  After some discussion it was concluded that
duplicate valid keys should probably be discarded also as they would otherwise
hide the new key.

Since request_key() is intended to be the primary method by which keys are
added to a keyring, duplicate valid keys wouldn't be an issue there as that
function would return an existing match in preference to creating a new key.

Signed-off-by: David Howells <dhowells@redhat.com>
Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
Cc: Alexander Zangerl <az@bond.edu.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-01-08 20:13:53 -08:00
..
compat.c [PATCH] keys: Permit key expiry time to be set 2006-01-08 20:13:53 -08:00
internal.h [PATCH] keys: Permit key expiry time to be set 2006-01-08 20:13:53 -08:00
key.c [PATCH] security/: possible cleanups 2006-01-06 08:33:30 -08:00
keyctl.c [PATCH] keys: Permit key expiry time to be set 2006-01-08 20:13:53 -08:00
keyring.c [PATCH] keys: Discard duplicate keys from a keyring on link 2006-01-08 20:13:53 -08:00
Makefile [PATCH] Keys: Split key permissions checking into a .c file 2005-10-08 14:53:31 -07:00
permission.c [PATCH] Keys: Add LSM hooks for key management [try #3] 2005-10-30 17:37:23 -08:00
proc.c [PATCH] Keys: Add possessor permissions to keys [try #3] 2005-09-28 09:10:47 -07:00
process_keys.c [PATCH] Keys: Add LSM hooks for key management [try #3] 2005-10-30 17:37:23 -08:00
request_key.c [PATCH] Keys: Add request-key process documentation 2005-10-08 14:53:31 -07:00
request_key_auth.c [PATCH] Keys: Add request-key process documentation 2005-10-08 14:53:31 -07:00
user_defined.c [PATCH] Keys: Remove key duplication 2006-01-06 08:33:29 -08:00