Re: RFC: [PATCH] SCM_CREDS support 1(2)
On Wed, 2013-10-16 at 07:35 +0200, Svante Signell wrote:
> On Wed, 2013-10-16 at 00:49 +0200, Samuel Thibault wrote:
> > Samuel Thibault, le Wed 16 Oct 2013 00:48:35 +0200, a écrit :
> > > Because the receiver does not trust the sender.
> >
> > And that is the *whole* point of SCM_CREDS. Otherwise the sender could
> > simply write a mere struct, without having to go through SCM_*.
>
> Do you mean sending the credentials info in the data part? Well, for
> that there are no checks, are there?
>
> OK, I'll move the check to recvmsg.c then. No problem:) We can also do a
> full re-authentication at the receive end, should that be added too?
> (With a check at the receive end faulty information might be sent,
> right?)
What about being paranoid, and do the check on both the transmit _and_
receive side?
Reply to: