In message <[EMAIL PROTECTED]>,David Howells writes: >That's what appeared to be shown in Miles's "keyctl show" output: > > Session Keyring > -3 --alswrv 0 0 keyring: _uid_ses.0 > 2 --alswrv 0 0 \_ keyring: _uid.0 > 29391168 ----s--v 0 0 \_ afs_pag: _pag > >That would seem to be odd, given that the AFS code appears to forcibly replace >the session keyring when setpag() is invoked.
the keyring being owned by uid 0 means that setpag() was called by someone running as uid 0. the afs pag is always uid = 0 so that users cant modify the key and discern its contents. not owning the keyring used to be a problem with earlier version of the keyring code as i recall. this explains the 'extra' permission bits. i dont know what created the _uid.0 keyring. >Is it possible that Miles has an older version of that piece of code? unlikely. _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
