Date: Wed, 29 Nov 2017 22:58:58 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 215202] LOCAL_PEERCRED / xucred does not have process ID Message-ID: <bug-215202-8-gPJ3TPigXp@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-215202-8@https.bugs.freebsd.org/bugzilla/> References: <bug-215202-8@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D215202 Jilles Tjoelker <jilles@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jilles@FreeBSD.org --- Comment #2 from Jilles Tjoelker <jilles@FreeBSD.org> --- The pid in LOCAL_PEERCRED is not a security feature but only a feature to enforce that a proper security feature can be added later. This is because there is nothing to enforce that the pid refers to the same process or that= it has not executed some other binary; also, applications are not isolated in a way that makes different Wayland privileges useful for security. Adding pid to struct ucred seems wrong since it is shared between processes that do not change their credentials. This would make more sense as a prope= rty of the socket. The pid would then be the pid of the process that called listen() or connect(). --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-215202-8-gPJ3TPigXp>