diff options
-rw-r--r-- | Documentation/keys.txt | 16 | ||||
-rw-r--r-- | security/Kconfig | 20 | ||||
-rw-r--r-- | security/keys/proc.c | 7 |
3 files changed, 32 insertions, 11 deletions
diff --git a/Documentation/keys.txt b/Documentation/keys.txt index 3bbe157b45e4..70e83cf664ae 100644 --- a/Documentation/keys.txt +++ b/Documentation/keys.txt | |||
@@ -270,9 +270,17 @@ about the status of the key service: | |||
270 | 270 | ||
271 | (*) /proc/keys | 271 | (*) /proc/keys |
272 | 272 | ||
273 | This lists all the keys on the system, giving information about their | 273 | This lists the keys that are currently viewable by the task reading the |
274 | type, description and permissions. The payload of the key is not available | 274 | file, giving information about their type, description and permissions. |
275 | this way: | 275 | It is not possible to view the payload of the key this way, though some |
276 | information about it may be given. | ||
277 | |||
278 | The only keys included in the list are those that grant View permission to | ||
279 | the reading process whether or not it possesses them. Note that LSM | ||
280 | security checks are still performed, and may further filter out keys that | ||
281 | the current process is not authorised to view. | ||
282 | |||
283 | The contents of the file look like this: | ||
276 | 284 | ||
277 | SERIAL FLAGS USAGE EXPY PERM UID GID TYPE DESCRIPTION: SUMMARY | 285 | SERIAL FLAGS USAGE EXPY PERM UID GID TYPE DESCRIPTION: SUMMARY |
278 | 00000001 I----- 39 perm 1f3f0000 0 0 keyring _uid_ses.0: 1/4 | 286 | 00000001 I----- 39 perm 1f3f0000 0 0 keyring _uid_ses.0: 1/4 |
@@ -300,7 +308,7 @@ about the status of the key service: | |||
300 | (*) /proc/key-users | 308 | (*) /proc/key-users |
301 | 309 | ||
302 | This file lists the tracking data for each user that has at least one key | 310 | This file lists the tracking data for each user that has at least one key |
303 | on the system. Such data includes quota information and statistics: | 311 | on the system. Such data includes quota information and statistics: |
304 | 312 | ||
305 | [root@andromeda root]# cat /proc/key-users | 313 | [root@andromeda root]# cat /proc/key-users |
306 | 0: 46 45/45 1/100 13/10000 | 314 | 0: 46 45/45 1/100 13/10000 |
diff --git a/security/Kconfig b/security/Kconfig index 34f593410d57..67785df264e5 100644 --- a/security/Kconfig +++ b/security/Kconfig | |||
@@ -22,16 +22,22 @@ config KEYS | |||
22 | If you are unsure as to whether this is required, answer N. | 22 | If you are unsure as to whether this is required, answer N. |
23 | 23 | ||
24 | config KEYS_DEBUG_PROC_KEYS | 24 | config KEYS_DEBUG_PROC_KEYS |
25 | bool "Enable the /proc/keys file by which all keys may be viewed" | 25 | bool "Enable the /proc/keys file by which keys may be viewed" |
26 | depends on KEYS | 26 | depends on KEYS |
27 | help | 27 | help |
28 | This option turns on support for the /proc/keys file through which | 28 | This option turns on support for the /proc/keys file - through which |
29 | all the keys on the system can be listed. | 29 | can be listed all the keys on the system that are viewable by the |
30 | reading process. | ||
30 | 31 | ||
31 | This option is a slight security risk in that it makes it possible | 32 | The only keys included in the list are those that grant View |
32 | for anyone to see all the keys on the system. Normally the manager | 33 | permission to the reading process whether or not it possesses them. |
33 | pretends keys that are inaccessible to a process don't exist as far | 34 | Note that LSM security checks are still performed, and may further |
34 | as that process is concerned. | 35 | filter out keys that the current process is not authorised to view. |
36 | |||
37 | Only key attributes are listed here; key payloads are not included in | ||
38 | the resulting table. | ||
39 | |||
40 | If you are unsure as to whether this is required, answer N. | ||
35 | 41 | ||
36 | config SECURITY | 42 | config SECURITY |
37 | bool "Enable different security models" | 43 | bool "Enable different security models" |
diff --git a/security/keys/proc.c b/security/keys/proc.c index 12b750e51fbf..686a9ee0c5de 100644 --- a/security/keys/proc.c +++ b/security/keys/proc.c | |||
@@ -137,6 +137,13 @@ static int proc_keys_show(struct seq_file *m, void *v) | |||
137 | struct timespec now; | 137 | struct timespec now; |
138 | unsigned long timo; | 138 | unsigned long timo; |
139 | char xbuf[12]; | 139 | char xbuf[12]; |
140 | int rc; | ||
141 | |||
142 | /* check whether the current task is allowed to view the key (assuming | ||
143 | * non-possession) */ | ||
144 | rc = key_task_permission(make_key_ref(key, 0), current, KEY_VIEW); | ||
145 | if (rc < 0) | ||
146 | return 0; | ||
140 | 147 | ||
141 | now = current_kernel_time(); | 148 | now = current_kernel_time(); |
142 | 149 | ||