Date: Mon, 26 Dec 2005 09:40:05 GMT From: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/90800: [patch] it is possible to fake credentials in LOCAL_CREDS Message-ID: <200512260940.jBQ9e5bH013673@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/90800; it has been noted by GNATS. From: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua> To: Maxim Konovalov <maxim@macomnet.ru> Cc: bug-followup@freebsd.org Subject: Re: kern/90800: [patch] it is possible to fake credentials in LOCAL_CREDS Date: Mon, 26 Dec 2005 11:26:22 +0200 On Thu, Dec 22, 2005 at 03:08:58PM +0300, Maxim Konovalov wrote: > Andrey, very detailed and useful PR. Any chances you integrate your > tests to the existent regression tests for unix-domain sockets > (src/tools/regression/sockets) or create a new one? Don't forget > about kern/90644 :-) I implemented following tests: Available tests for stream sockets: 1: Sending, receiving cmsgcred 2: Receiving sockcred (listening socket has LOCAL_CREDS) 3: Receiving sockcred (accepted socket has LOCAL_CREDS) 4: Sending cmsgcred, receiving sockcred Available tests for datagram sockets: 1: Sending, receiving cmsgcred 2: Receiving sockcred 3: Sending cmsgcred, receiving sockcred And found following problems on FreeBSD 6.0 (not including problems I reported about): * Struct sockcred{} in sc_groups[0] has EGID. This is wrong since struct sockcred{} already has sc_egid. NetBSD 2.0, does not include EGID in sc_groups. This problem is easy to correct. In FreeBSD in struct cmsgcred{} in cmcred_groups[0] has EGID, but struct cmsgcred{} does not have field with EGID. * PF_LOCAL,SOCK_DGRAM sockets do not support LOCAL_CREDS option, because they do not have pr_ctloutput. On NetBSD 2.0 it is possible to set LOCAL_CREDS option for datagram sockets. (I compare current implementation with NetBSD 2.0 one, since LOCAL_CREDS option also exists there) These tests are available here: http://www.comsys.ntu-kpi.kiev.ua/~simon/local_cmsg/ MD5 (local_cmsg-20051226.tar.bz2) = c011e86c2020bbcbd8e93286896e2d4d
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200512260940.jBQ9e5bH013673>