commit | ef0ce1748380fdf001bd0ff86a45329a12945357 | [log] [tgz] |
---|---|---|
author | Eric Chiang <ericchiang@google.com> | Tue May 21 13:35:56 2019 -0700 |
committer | Tobias Klauser <tobias.klauser@gmail.com> | Fri Sep 20 19:08:10 2019 +0000 |
tree | 14ce6db6429e41389747bc98c87c0c3005899cb4 | |
parent | 0c1ff786ef13daa914a3351c5e6b0321aed5960e [diff] |
unix: add KEYCTL_RESTRICT_KEYRING capabilities Asymmetric keyrings can require key payloads to be X.509 certificates signed by a key in a different keyring. This can be helpful for rotating keys on a live machines for subsystems like IMA while preventing local tampering. Tested locally by applying the "key_or_keyring:<id>" restriction to a keyring. Change-Id: Ia8dcb343abc5f405d374c357d5cac3d5181d7159 Reviewed-on: https://go-review.googlesource.com/c/sys/+/178400 Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
This repository holds supplemental Go packages for low-level interactions with the operating system.
The easiest way to install is to run go get -u golang.org/x/sys
. You can also manually git clone the repository to $GOPATH/src/golang.org/x/sys
.
This repository uses Gerrit for code changes. To learn how to submit changes to this repository, see https://golang.org/doc/contribute.html.
The main issue tracker for the sys repository is located at https://github.com/golang/go/issues. Prefix your issue with “x/sys:” in the subject line, so it is easy to find.