Re: [RFC] call_with_creds()

From: David Howells
Date: Wed Jul 18 2018 - 17:28:49 EST

Next message: David Howells: "Getting rid of the usage of write() -- was Re: [PATCH 00/32] VFS: Introduce filesystem context [ver #9]"
Previous message: David Howells: "Re: [RFC] call_with_creds()"
In reply to: Linus Torvalds: "Re: [RFC] call_with_creds()"
Next in thread: Linus Torvalds: "Re: [RFC] call_with_creds()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:

> I explained earlier why it's wrong and fragile, and why it can just
> cause the *reverse* security problem if you do it wrong. So now you
> take a subtle bug, and make it even more subtle, and encourage people
> to do this known-broken model of using creds at IO time.

Are network filesystems allowed to use f_cred at I/O time to determine the
authentication/encryption parameters to commune with the server?

David

Next message: David Howells: "Getting rid of the usage of write() -- was Re: [PATCH 00/32] VFS: Introduce filesystem context [ver #9]"
Previous message: David Howells: "Re: [RFC] call_with_creds()"
In reply to: Linus Torvalds: "Re: [RFC] call_with_creds()"
Next in thread: Linus Torvalds: "Re: [RFC] call_with_creds()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]