[OpenAFS] Linux: systemctl --user vs. AFS

Dirk Heinrichs dirk.heinrichs@altum.de
Fri, 9 Mar 2018 17:06:20 +0100


From: Dirk Heinrichs <dirk.heinrichs@altum.de>
To: openafs-info@openafs.org
Message-ID: <a6239269-31ce-ba90-c628-9a5eb66bd3b4@altum.de>
Subject: Re: [OpenAFS] Linux: systemctl --user vs. AFS
References: <7f6d69d7-859d-722b-74a3-73e23621bca5@altum.de>
 <eb665d45-36ce-6e39-d2b9-f107d1e17bda@auristor.com>
In-Reply-To: <eb665d45-36ce-6e39-d2b9-f107d1e17bda@auristor.com>


On 08.03.2018 at 18:54, Jeffrey Altman wrote:
>>  2. let AFS use the per-user keyring instead of the per-session one
>>     (suggested in the systemd bug discussion)
>>
>> Does the second one sound reasonable?
> Switching to the user keyring is unreasonable.  The impact of such a
> change is that all user sessions on a system share the same tokens and
> an effective uid change permits access to those same tokens.
>
> Process Authentication Groups (PAGs) exist explicitly to establish a
> security barrier to prevent such credential leakage.

I understand. However, why not let the user (or better: admin) decide? I
assume this is coded in the cache manager, so the module could be
enhanced with a parameter that allows choosing between the two variants
at module load time. The current behaviour of using the session keyring
could still be the default.

Adding my own two cents...

Bye...

    Dirk

-- 
Dirk Heinrichs <dirk.heinrichs@altum.de>
GPG Public Key: D01B367761B0F7CE6E6D81AAD5A2E54246986015
Secure Internet communication: http://www.retroshare.org
Privacy Handbook: https://www.privacy-handbuch.de
