The idea with this tool is to put the credentials in the kernel so that the kernel can use them. Restrict permissions to the posessor only.
Signed-off-by: Jeff Layton <[email protected]> --- cifscreds.c | 5 +---- 1 files changed, 1 insertions(+), 4 deletions(-) diff --git a/cifscreds.c b/cifscreds.c index 3d40540..1e9bb6e 100644 --- a/cifscreds.c +++ b/cifscreds.c @@ -256,10 +256,7 @@ static int cifscreds_add(struct cmdarg *arg) fprintf(stderr, "error: Add credential key for %s\n", currentaddress); } else { - if (keyctl(KEYCTL_SETPERM, key, KEY_POS_VIEW | \ - KEY_POS_WRITE | KEY_POS_SEARCH | KEY_USR_VIEW | \ - KEY_USR_WRITE | KEY_USR_SEARCH) < 0 - ) { + if (keyctl(KEYCTL_SETPERM, key, KEY_POS_VIEW | KEY_POS_WRITE | KEY_POS_SEARCH) < 0) { fprintf(stderr, "error: Setting permissons " "on key, attempt to delete...\n"); -- 1.7.7.3 -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
