[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFC: [PATCH] SCM_CREDS support 1(2)



On Wed, 2013-10-16 at 10:46 +0200, Samuel Thibault wrote:
> Svante Signell, le Wed 16 Oct 2013 09:50:27 +0200, a écrit :

> 
> Also, you need to check that it works when the sender and the receiver
> don't have the same uid/gid/etc., e.g. root sending to a normal user
> (which is one of the most used cases).

Will do.

> > So let's be serious, which entries are part of the ancillary data to
> > check: pid, auid, agid, euid, egid (not in scm_creds), cmcred_groups[]?
> 
> All of them. Everything that is provided in cmsgcred is supposed to have
> been checked by the operating system as being correct.

How to handle case where not all ancillary data is sent, e.g. groups
missing?

The header file socket.h states the following:
/* Structure delivered by SCM_CREDS.  This describes the identity of the
   sender of the data simultaneously received on the socket.  By BSD
   convention, this is included only when a sender on a AF_LOCAL socket
   sends cmsg data of this type and size; the sender's structure is
   ignored, and the system fills in the various IDs of the sender
process.  */

Should we follow the BSD convention and completely ignore sent ancillary
data as kFreeBSD does?

> > E.g. where to add the groups data, on the transmit or receive side?
> 
> Well, just like other fields: the transmit side should send it, and the
> receive side should check them.  I don't see what poses problem.

Ok, I'll fix that.




Reply to: