Re: [PATCH 4/6] fscrypt: verify that the correct master key was supplied

On Wed, Jul 12, 2017 at 02:00:33PM -0700, Eric Biggers wrote: > From: Eric Biggers > > Currently, while a fscrypt master key is required to have a certain > description in the keyring, its payload is never verified to be correct. > While sufficient for well-behaved

[PATCH 4/6] fscrypt: verify that the correct master key was supplied

From: Eric Biggers Currently, while a fscrypt master key is required to have a certain description in the keyring, its payload is never verified to be correct. While sufficient for well-behaved userspace, this is insecure in a multi-user system where a user has been given