diff options
author | Michael LeMay <mdlemay@epoch.ncsc.mil> | 2006-06-26 03:24:56 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-06-26 12:58:18 -0400 |
commit | 06ec7be557a1259611d6093a00463c42650dc71a (patch) | |
tree | b83cdbc8405e0a174939d36e4fe40fb8adb51071 /security/Kconfig | |
parent | e51f6d343789a4f0a2a7587ad7ec7746969d5c1c (diff) |
[PATCH] keys: restrict contents of /proc/keys to Viewable keys
Restrict /proc/keys such that only those keys to which the current task is
granted View permission are presented.
The documentation is also updated to reflect these changes.
Signed-off-by: Michael LeMay <mdlemay@epoch.ncsc.mil>
Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'security/Kconfig')
-rw-r--r-- | security/Kconfig | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/security/Kconfig b/security/Kconfig index 34f593410d57..67785df264e5 100644 --- a/security/Kconfig +++ b/security/Kconfig | |||
@@ -22,16 +22,22 @@ config KEYS | |||
22 | If you are unsure as to whether this is required, answer N. | 22 | If you are unsure as to whether this is required, answer N. |
23 | 23 | ||
24 | config KEYS_DEBUG_PROC_KEYS | 24 | config KEYS_DEBUG_PROC_KEYS |
25 | bool "Enable the /proc/keys file by which all keys may be viewed" | 25 | bool "Enable the /proc/keys file by which keys may be viewed" |
26 | depends on KEYS | 26 | depends on KEYS |
27 | help | 27 | help |
28 | This option turns on support for the /proc/keys file through which | 28 | This option turns on support for the /proc/keys file - through which |
29 | all the keys on the system can be listed. | 29 | can be listed all the keys on the system that are viewable by the |
30 | reading process. | ||
30 | 31 | ||
31 | This option is a slight security risk in that it makes it possible | 32 | The only keys included in the list are those that grant View |
32 | for anyone to see all the keys on the system. Normally the manager | 33 | permission to the reading process whether or not it possesses them. |
33 | pretends keys that are inaccessible to a process don't exist as far | 34 | Note that LSM security checks are still performed, and may further |
34 | as that process is concerned. | 35 | filter out keys that the current process is not authorised to view. |
36 | |||
37 | Only key attributes are listed here; key payloads are not included in | ||
38 | the resulting table. | ||
39 | |||
40 | If you are unsure as to whether this is required, answer N. | ||
35 | 41 | ||
36 | config SECURITY | 42 | config SECURITY |
37 | bool "Enable different security models" | 43 | bool "Enable different security models" |