This seems like a reasonable change, but I'm willing to listen to arguments to the contrary...
cifscreds currently hangs the keys off of the uid keyring. It seems more appropriate though that we require that each session have its own set. This might be particularly important in a containerized situation. If a user authenticates in one container, then we probably don't want to allow a user in another to "borrow" those creds. Signed-off-by: Jeff Layton <[email protected]> --- cifscreds.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/cifscreds.c b/cifscreds.c index cbd431e..6079b38 100644 --- a/cifscreds.c +++ b/cifscreds.c @@ -51,7 +51,7 @@ #define DOMAIN_DISALLOWED_CHARS "\\/:*?\"<>|" /* destination keyring */ -#define DEST_KEYRING KEY_SPEC_USER_KEYRING +#define DEST_KEYRING KEY_SPEC_SESSION_KEYRING struct cmdarg { char *host; -- 1.7.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
