Re: [PATCH 1/4] eCryptfs: Netlink functions for public key

From: Andrew Morton
Date: Thu Aug 24 2006 - 23:54:57 EST


On Thu, 24 Aug 2006 13:18:32 -0500
Michael Halcrow <mhalcrow@xxxxxxxxxx> wrote:

> eCryptfs netlink type, header updates, and messaging code to provide
> support for userspace callout to perform public key operations.
>

That tells us (with maximum terseness) what it does. We're left to our own
devices to work out why it does this, how it does it and why it does it in
the way in which it does it? This leads to dumb questions ;)

- We have a great clod of key mangement code in-kernel. Why is that not
suitable (or growable) for public key management?

- Is it appropriate that new infrastructure for public key management be
private to a particular fs?

- I see code in there in which the kernel "knows" about specific
userspace processes. By uid and pid. What's all that doing and why is
it done that way?

What happens if one of these daemons exits without sending a quit message?

- It uses netlink to transport keys. What are the security implications
of this? (Can they be sniffed, for example?)

- _why_ does it use netlink?

It's obvious that a string of design decisions have gone into all of this.
Please tell us about them. Please also tell us the answers to all the
other questions I'd have asked if I knew enough about this to ask them.


> * Author(s): Michael A. Halcrow <mahalcro@xxxxxxxxxx>
> + * Trevor S. Highland <trevor.highland@xxxxxxxxx>
> + * Tyler Hicks <tyhicks@xxxxxx>

Do we have signoffs from Trevor and Tyler?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/