kdbus and kernel keys
Kay Sievers
kay at vrfy.org
Wed Jan 15 12:10:25 PST 2014
On Wed, Jan 15, 2014 at 8:38 PM, David Howells <dhowells at redhat.com> wrote:
>
> Can it be made possible to pass kernel keys around (ie. ones created with the
> add_key() syscall) with kdbus messages?
>
> Whilst you might expect to be able to access a key directly by its ID, you
> might find that this is only possible in practice if the key is given maximal
> permissions.
>
> However, a key can get extra permissions for a process that has it in, say,
> its session keyring (ie. it is 'possessed' by that process). Passing a key
> over kdbus would permit a key's possession state effectively to be passed from
> one process to another.
Kdbus is pure userspace to userspace communication, very much like unix sockets.
I don't know much about the keyring facility, what's the specific use
case you have in mind? Isn't that a bit like file descriptor passing
what you look for?
Kay
More information about the dbus
mailing list