Re: RFC: [PATCH] SCM_CREDS support 1(2)
On Wed, 2013-10-16 at 10:46 +0200, Samuel Thibault wrote:
> Svante Signell, le Wed 16 Oct 2013 09:50:27 +0200, a écrit :
>
> Also, you need to check that it works when the sender and the receiver
> don't have the same uid/gid/etc., e.g. root sending to a normal user
> (which is one of the most used cases).
Will do.
> > So let's be serious, which entries are part of the ancillary data to
> > check: pid, auid, agid, euid, egid (not in scm_creds), cmcred_groups[]?
>
> All of them. Everything that is provided in cmsgcred is supposed to have
> been checked by the operating system as being correct.
How to handle case where not all ancillary data is sent, e.g. groups
missing?
The header file socket.h states the following:
/* Structure delivered by SCM_CREDS. This describes the identity of the
sender of the data simultaneously received on the socket. By BSD
convention, this is included only when a sender on a AF_LOCAL socket
sends cmsg data of this type and size; the sender's structure is
ignored, and the system fills in the various IDs of the sender
process. */
Should we follow the BSD convention and completely ignore sent ancillary
data as kFreeBSD does?
> > E.g. where to add the groups data, on the transmit or receive side?
>
> Well, just like other fields: the transmit side should send it, and the
> receive side should check them. I don't see what poses problem.
Ok, I'll fix that.
Reply to: