On Dec 2, 2010, at 12:13 PM, Per Øyvind Karlsen wrote:

>>
>> Read up on keyutils, the best source of how to use is
>> the README in the source code.
> k, thx for the pointer, will read up on. :)
>

It's crypto so it's gonna make yer head hurt a bit.

But once you get the hang of per-thread per-process per-user ... per-session stores (there's like 7 layers iirc), keyutils is JUST a place to stash secrets that goes poof! when a process exits or a user logs off or a session is terminated.

I strongly suggest scripting your way through adding/deleting an item using /usr/bin/keyutils to understand what is happening. It isn't at all hard, just conceptually complex.

Note also that keyutils has the ability to asynchronously invoke another executable (think: Do you really "trust" blah blah (y/N)? popups in applets and GUIs and ...) which RPM (because "batch oriented") is forbidden by design to undertake as a luser dialogue.

keyutils also includes negative lookups so the script kiddies' feeble implementations don't end up as fork bombs.

negative lookups == if an async lookup fails, don't bother repeating pointlessness until a timer expires. DNS (and nscd) also has "negative lookups" implemented.

73 de Jeff
______________________________________________________________________
RPM Package Manager                                    http://rpm5.org
Developer Communication List                        rpm-devel@rpm5.org
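
The negative-lookup behaviour described in the message above, as an added example that is not part of the original post and is not keyutils code: a small user-space model in which a failed lookup is remembered until a timer expires, so the expensive helper is not re-run on every request. The class and function names, the key description and the 60-second timeout are assumptions made for illustration.

```python
import time

class KeyNotFound(Exception):
    """Raised when a lookup fails, either freshly or from the negative cache."""

class NegativeCachingStore:
    """Hypothetical model of a key store with negative lookups (not the keyutils API)."""
    def __init__(self, helper, negative_ttl=60.0, clock=time.monotonic):
        self._helper = helper        # expensive lookup, e.g. spawning another program
        self._ttl = negative_ttl     # seconds a failure is remembered
        self._clock = clock          # injectable so expiry can be tested
        self._found = {}             # description -> secret
        self._failed_until = {}      # description -> time the failure expires
        self.helper_calls = 0        # how often the helper was really invoked

    def request(self, description):
        if description in self._found:
            return self._found[description]
        expires = self._failed_until.get(description)
        if expires is not None:
            if self._clock() < expires:
                # Negative hit: fail fast without running the helper again.
                raise KeyNotFound(description)
            del self._failed_until[description]  # timer expired, retry allowed
        self.helper_calls += 1
        secret = self._helper(description)
        if secret is None:
            self._failed_until[description] = self._clock() + self._ttl
            raise KeyNotFound(description)
        self._found[description] = secret
        return secret

def demo():
    """Constructed scenario: 1000 requests for a missing key, then a retry after expiry."""
    now = [0.0]                      # fake clock, advanced by hand
    backing = {}                     # constructed sample data: helper knows no keys yet
    store = NegativeCachingStore(backing.get, negative_ttl=60.0, clock=lambda: now[0])
    failures = 0
    for _ in range(1000):
        try:
            store.request("rpm:signing-passphrase")
        except KeyNotFound:
            failures += 1
    calls_in_window = store.helper_calls
    backing["rpm:signing-passphrase"] = "s3cret"  # key becomes available later
    now[0] = 61.0                                 # move past the negative timer
    secret = store.request("rpm:signing-passphrase")
    return failures, calls_in_window, store.helper_calls, secret
```

In `demo()` the 1000 failing requests cost a single helper invocation; the second invocation happens only after the timer has expired.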