Comment # 20 on bug 1045886 from
(In reply to Martin Wilck from comment #18)
> So, by running that innocent-looking command, a user would inadvertently
> provide his personal keys to a system service??

And to another user. To illustrate:

bor@10:~> id -a
uid=1000(bor) gid=100(users) groups=100(users)
bor@10:~> keyctl show -x
Session Keyring
0x2f8153fa --alswrv      0     0  keyring: _ses
0x144397e9 ----s-rv      0     0   \_ user: invocation_id
test@10:~> id -a 
uid=1001(test) gid=100(users) groups=100(users)
test@10:~> keyctl show -x

So both users already have access to exactly the same keyrings. Now let's try
what you suggest.

bor@10:~> keyctl link @us @s
test@10:~> keyctl link @us @s

OK, let's check.

bor@10:~> keyctl show -x
Session Keyring
0x2f8153fa --alswrv      0     0  keyring: _ses
0x144397e9 ----s-rv      0     0   \_ user: invocation_id
0x095ea2d9 ---lswrv   1001 65534   \_ keyring: _uid_ses.1001
0x320d41af ---lswrv   1001 65534   |   \_ keyring: _uid.1001
0x0e9e06aa --alswrv   1000 65534   \_ keyring: _uid_ses.1000
0x18889b01 --alswrv   1000 65534       \_ keyring: _uid.1000
test@10:~> keyctl show -x
Session Keyring
0x2f8153fa --alswrv      0     0  keyring: _ses
0x144397e9 ----s-rv      0     0   \_ user: invocation_id
0x095ea2d9 --alswrv   1001 65534   \_ keyring: _uid_ses.1001
0x320d41af --alswrv   1001 65534   |   \_ keyring: _uid.1001
0x0e9e06aa ---lswrv   1000 65534   \_ keyring: _uid_ses.1000
0x18889b01 ---lswrv   1000 65534       \_ keyring: _uid.1000

So both users now have access to each other's user keyring.

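As an added example (not part of the bug report, and not keyutils code), here is a small Python checker that parses `keyctl show -x` output like the listings above and reports when another user's `_uid.N` / `_uid_ses.N` keyring is reachable from the caller's session keyring, or when the `_ses` keyring itself is owned by a different uid. The embedded sample is bor's listing from the comment; the line-format regex and the function names are my own assumptions about the `keyctl show` output, not documented API.

```python
"""Check `keyctl show -x` output for keyrings that belong to another user.

Added example; not part of the bug report or of keyutils. The sample
listing below is copied from the bor@10 output in the comment above, and
the line format this parser assumes (serial, perms, uid, gid, tree prefix,
"type: description") is inferred from that listing.
"""
import re
import subprocess
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: bor's session after both users ran `keyctl link @us @s`.
SAMPLE_BOR = """\
Session Keyring
0x2f8153fa --alswrv      0     0  keyring: _ses
0x144397e9 ----s-rv      0     0   \\_ user: invocation_id
0x095ea2d9 ---lswrv   1001 65534   \\_ keyring: _uid_ses.1001
0x320d41af ---lswrv   1001 65534   |   \\_ keyring: _uid.1001
0x0e9e06aa --alswrv   1000 65534   \\_ keyring: _uid_ses.1000
0x18889b01 --alswrv   1000 65534       \\_ keyring: _uid.1000
"""

# One line of `keyctl show`: serial (hex with -x), 8-char perm string,
# uid, gid, optional tree-drawing prefix, then "type: description".
_LINE = re.compile(
    r"^\s*(0x[0-9a-fA-F]+|\d+)\s+"
    r"([-a-z]{8})\s+"
    r"(\d+)\s+(\d+)\s+"
    r"[\\|_ ]*"
    r"(\w+):\s*(.*)$"
)

# Per-user keyrings are named _uid.N and _uid_ses.N (N = owning uid).
_USER_RING = re.compile(r"^_uid(?:_ses)?\.(\d+)$")


@dataclass
class Key:
    serial: int
    perms: str
    uid: int
    gid: int
    ktype: str
    desc: str


def parse_keyctl_show(text: str) -> List[Key]:
    """Turn `keyctl show` text into Key records; header lines are skipped."""
    keys = []
    for line in text.splitlines():
        m = _LINE.match(line)
        if not m:
            continue
        serial, perms, uid, gid, ktype, desc = m.groups()
        keys.append(Key(int(serial, 0), perms, int(uid), int(gid), ktype, desc))
    return keys


def session_keyring_owner(keys: List[Key]) -> Optional[int]:
    """uid owning the _ses keyring, or None if no session keyring is listed."""
    for k in keys:
        if k.ktype == "keyring" and k.desc == "_ses":
            return k.uid
    return None


def foreign_user_keyrings(keys: List[Key], my_uid: int) -> List[Key]:
    """_uid/_uid_ses keyrings of some other uid that appear in our listing.

    Everything `keyctl show` prints is reachable from the session keyring,
    so any hit means another user's keyring is linked into our session."""
    hits = []
    for k in keys:
        if k.ktype != "keyring":
            continue
        m = _USER_RING.match(k.desc)
        if m and int(m.group(1)) != my_uid:
            hits.append(k)
    return hits


def report(text: str, my_uid: int) -> List[str]:
    """Human-readable findings for one `keyctl show -x` listing."""
    keys = parse_keyctl_show(text)
    findings = []
    owner = session_keyring_owner(keys)
    if owner is not None and owner != my_uid:
        findings.append(f"session keyring _ses is owned by uid {owner}, not uid {my_uid}")
    for k in foreign_user_keyrings(keys, my_uid):
        findings.append(f"{k.desc} (uid {k.uid}, perms {k.perms}) is reachable from the session keyring")
    return findings


if __name__ == "__main__":
    import os
    # Live check of the invoking user's own session keyring.
    out = subprocess.run(["keyctl", "show", "-x"], capture_output=True,
                         text=True, check=True).stdout
    for finding in report(out, os.getuid()):
        print("WARNING:", finding)
```

Run as a script it inspects the caller's own session; run `report()` on a saved listing to review another account's output. On the sample, bor (uid 1000) gets three findings: the root-owned `_ses`, and both of test's `_uid_ses.1001` and `_uid.1001` keyrings.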
