[RFC PATCH 00/27] Containers and using authenticated filesystems
jmorris at namei.org
Fri Feb 15 22:36:04 UTC 2019
On Fri, 15 Feb 2019, David Howells wrote:
> Here's a collection of patches that containerises the kernel keys and makes
> it possible to separate keys by namespace. This can be extended to any
> filesystem that uses request_key() to obtain the pertinent authentication
> token on entry to VFS or socket methods.
Shouldn't Eric Biederman be cc'd on this?
<jmorris at namei.org>
More information about the Linux-security-module-archive