Re: LOCAL_CREDS and unix domain sockets
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
--621616949-972508569-1202295290=:33144
Content-Type: TEXT/PLAIN; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: QUOTED-PRINTABLE
On Tue, 5 Feb 2008, Zane C.B. wrote:
> On Tue, 5 Feb 2008 13:21:10 -0200 Fernando Schapachnik=20
> <fschapachnik@mecon.gov.ar> wrote:
>
>> En un mensaje anterior, Zane C.B. escribi=F3:
>>> With unix domain sockets, unix(4), are LOCAL_CREDS actually supported o=
r=20
>>> not?
>>>
>>> I've been trying to fetch this from within a Perl script using 'my=20
>>> $local_creds=3D$some_connection->sockopt(LOCAL_CREDS)', but all I keep=
=20
>>> getting is a undefined variable in return, as if fetching it is not=20
>>> supported.
>>
>> Maybe LOCAL_CREDS is not defined. Maybe LOCAL_CREDS() (perl notation for=
=20
>> constants) works?
>
> Hmm, that turns out to be the point. I've checked and it is not in=20
> '/usr/local/lib/perl5/5.8.8/mach/Socket.pm'.
>
> I think my understanding if when I originally posted the email was wrong =
as=20
> well. I need to set the socket option LOCAL_CREDS and fetch them using=20
> recvmsg.
>
> Can some one please verify my understanding of this is right?
Yes, that's correct -- you use setsockopt() to request that an SCM_CREDS=20
control message be attached to either every message coming in on the socket=
=20
(SOCK_DGRAM) or the first message arriving on accepted sockets (listen=20
SOCK_STREAM). You can then use recvmsg to get the credential information.
Alternatively, LOCAL_PEERCRED allows you to query the credential at any tim=
e=20
using a socket option for a stream socket (keep in mind that the credential=
is=20
cached when the connection is made, and might not reflect the credential of=
a=20
process sending on the socket if it's been inherited/passed).
Robert N M Watson
Computer Laboratory
University of Cambridge
--621616949-972508569-1202295290=:33144
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
--621616949-972508569-1202295290=:33144--
討論串 (同標題文章)
完整討論串 (本文為第 4 之 4 篇):