Re: [PATCH 1/3] Keys: Pass session keyring to call_usermodehelper()

[David Howells]

Andrew Morton <akpm@xxxxxxxx> wrote:

> Well one question is "does it make sense to make a keyring session a part
> of the call_usermodehelper() API?".  As it appears that only one caller
> will ever want to do that then I'd say no, and that it should be some
> specialised thing private to the key code and the call_usermodehelper()
> implementation.
> 
> So unless you think that a significant number of callers will appear who
> are actually using the new capability then it would be better to keep the
> existing call_usermodehelper() API.

That's a good question, and one that's not easy to answer. Obviously, at the
moment there will only be that one user. I'm not sure that other users will
necessarily want to make use of it.

On the other hand, I can see the authorisation key bit being extended to
provide all of these things with access to the authorising process's keyrings,
whether or not they're constructing keys; but that can probably be made
transparent.

David
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/