fscrypt.git/security/keyring.go, branch v0.2.4 Go tool for managing Linux filesystem encryption Ensure keyring privilege changes are reversible 2018-08-23T18:00:34+00:00 Joe Richey joerichey@google.com joerichey@google.com 2018-08-22T12:23:00+00:00 315f9b042237200174a1fb99427f74027e191d66 This change makes sure that, when we set the ruid and euid in order to get the user keyring linked into the current process keyring, we will always be able to reverse these changes (using a suid of 0). This fixes an issue where "su <user>" would result in a system error when called by an unprivileged user. It also explains exactly how and why we are making these privilege changes. 
This change makes sure that, when we set the ruid and euid in order to
get the user keyring linked into the current process keyring, we will
always be able to reverse these changes (using a suid of 0).

This fixes an issue where "su <user>" would result in a system error
when called by an unprivileged user. It also explains exactly how and
why we are making these privilege changes.
Fix lint 2017-09-29T10:08:03+00:00 Joseph Richey joerichey94@gmail.com 2017-09-29T10:06:17+00:00 6f6c91993294d9bc753d22f58884dcc8e0a2f108 






security: Add check option to UserKeyringID
2017-09-29T09:52:56+00:00

Joseph Richey
joerichey94@gmail.com

2017-09-29T09:52:56+00:00

4d9372795e7b53d105f69790c1d9deadbff85458












security: Change user keyring lookup algorithm
2017-09-01T07:53:07+00:00

Joseph Richey
joerichey94@gmail.com

2017-09-01T07:53:07+00:00

1ce72a7367967152948dbe332ea8d9834f194c27

Now instead of spawning a seperate thread we alternate between changing
the euid and ruid to both find the keyring and link it to the process
keyring. Note that we also ensure that the user keyring is linked into
the root keyring whenever possible.





Now instead of spawning a seperate thread we alternate between changing
the euid and ruid to both find the keyring and link it to the process
keyring. Note that we also ensure that the user keyring is linked into
the root keyring whenever possible.







security: Error if privilege reset goes wrong
2017-08-31T19:09:26+00:00

Joe Richey
joerichey@google.com

2017-08-31T19:09:26+00:00

f1bd511fff8e411687001bd8e76e8a41c9f5ff41












Fixed linter issues
2017-08-31T18:29:30+00:00

Joe Richey
joerichey@google.com

2017-08-31T18:29:30+00:00

5586bc35fbb33f20c38f52285c19c015b804ea94












security: Rewrite of keryings and permissions
2017-08-31T00:51:05+00:00

Joe Richey
joerichey@google.com

2017-08-31T00:51:05+00:00

7888645ab68ed0510ff66121f35630b11976a09f

The keyring lookup functions no longer read from /proc/keys. Now they
simply spawn a thread, drop privs, and check with GetKeyringID and
KEY_SPEC_USER_KEYRING. See userKeyringID() for more info.

The privileges functions have also been changed. Now the concept of
setting privileges is seperate form the concept of setting up the
keyrings.





The keyring lookup functions no longer read from /proc/keys. Now they
simply spawn a thread, drop privs, and check with GetKeyringID and
KEY_SPEC_USER_KEYRING. See userKeyringID() for more info.

The privileges functions have also been changed. Now the concept of
setting privileges is seperate form the concept of setting up the
keyrings.







security: fscrypt now possesses the user keyring
2017-08-24T06:46:54+00:00

Joseph Richey
joerichey94@gmail.com

2017-08-24T06:46:54+00:00

7fbff9a4d531e33f3d7c7e0b9871c2e19a55bace












Added some documentation and improved security API
2017-08-23T19:29:10+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-08-23T19:29:10+00:00

b15792b8d7c197d84970415fd2525c51aee3996c












security: Fixed typo and improved error handling
2017-08-22T18:32:03+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-08-22T18:32:03+00:00

50256fab010adfde1b349160460659fb03d8c8ac