|author||David Howells <firstname.lastname@example.org>||2015-01-22 22:34:32 +0000|
|committer||David Howells <email@example.com>||2015-01-22 22:34:32 +0000|
|parent||tpm/tpm_tis: Add missing ifdef CONFIG_ACPI for pnp_acpi_device (diff)|
KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y
Now that /proc/keys is used by libkeyutils to look up a key by type and description, we should make it unconditional and remove CONFIG_DEBUG_PROC_KEYS. Reported-by: Jiri Kosina <firstname.lastname@example.org> Signed-off-by: David Howells <email@example.com> Tested-by: Jiri Kosina <firstname.lastname@example.org>
Diffstat (limited to '')
1 files changed, 0 insertions, 18 deletions
diff --git a/security/keys/Kconfig b/security/keys/Kconfig
index a4f3f8c48d6e..72483b8f1be5 100644
@@ -80,21 +80,3 @@ config ENCRYPTED_KEYS
Userspace only ever sees/stores encrypted blobs.
If you are unsure as to whether this is required, answer N.
- bool "Enable the /proc/keys file by which keys may be viewed"
- depends on KEYS
- This option turns on support for the /proc/keys file - through which
- can be listed all the keys on the system that are viewable by the
- reading process.
- The only keys included in the list are those that grant View
- permission to the reading process whether or not it possesses them.
- Note that LSM security checks are still performed, and may further
- filter out keys that the current process is not authorised to view.
- Only key attributes are listed here; key payloads are not included in
- the resulting table.
- If you are unsure as to whether this is required, answer N.