Set more strict permissions on keyring

We want to confine access to the keyring to the current process and not let root easily peek into the keyring contents.
author: Simo Sorce <ssorce@redhat.com> 2011-11-11 16:59:21 -0500
committer: Stephen Gallagher <sgallagh@redhat.com> 2011-11-22 10:50:48 -0500
commit: e369fc08906383e6d5c39832f31bb6600a33f887 (patch)
tree: e9f3868b0656f971c94ae06871c621653596c885 /src/providers/krb5
parent: 98e0f08e3de3f8f035790adcd614cff6bf6dd34d (diff)
download: sssd_unused-e369fc08906383e6d5c39832f31bb6600a33f887.tar.gz
sssd_unused-e369fc08906383e6d5c39832f31bb6600a33f887.tar.xz
sssd_unused-e369fc08906383e6d5c39832f31bb6600a33f887.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/providers/krb5/krb5_delayed_online_authentication.c b/src/providers/krb5/krb5_delayed_online_authentication.c
index 02f09919..d5dea3bb 100644
--- a/src/providers/krb5/krb5_delayed_online_authentication.c
+++ b/src/providers/krb5/krb5_delayed_online_authentication.c
@@ -258,7 +258,7 @@ errno_t add_user_to_delayed_online_authentication(struct krb5_ctx *krb5_ctx,
 
 #ifdef USE_KEYRING
     new_pd->key_serial = add_key("user", new_pd->user, new_pd->authtok,
-                                 new_pd->authtok_size, KEY_SPEC_THREAD_KEYRING);
+                                 new_pd->authtok_size, KEY_SPEC_SESSION_KEYRING);
     if (new_pd->key_serial == -1) {
         ret = errno;
         DEBUG(1, ("add_key fialed [%d][%s].\n", ret, strerror(ret)));
author	Simo Sorce <ssorce@redhat.com>	2011-11-11 16:59:21 -0500
committer	Stephen Gallagher <sgallagh@redhat.com>	2011-11-22 10:50:48 -0500
commit	e369fc08906383e6d5c39832f31bb6600a33f887 (patch)
tree	e9f3868b0656f971c94ae06871c621653596c885 /src/providers/krb5
parent	98e0f08e3de3f8f035790adcd614cff6bf6dd34d (diff)
download	sssd_unused-e369fc08906383e6d5c39832f31bb6600a33f887.tar.gz sssd_unused-e369fc08906383e6d5c39832f31bb6600a33f887.tar.xz sssd_unused-e369fc08906383e6d5c39832f31bb6600a33f887.zip