From owner-freebsd-bluetooth@FreeBSD.ORG Thu Feb 22 00:49:31 2007 Return-Path: X-Original-To: freebsd-bluetooth@freebsd.org Delivered-To: freebsd-bluetooth@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0B0EE16A401 for ; Thu, 22 Feb 2007 00:49:31 +0000 (UTC) (envelope-from maksim.yevmenkin@gmail.com) Received: from nz-out-0506.google.com (nz-out-0506.google.com [64.233.162.232]) by mx1.freebsd.org (Postfix) with ESMTP id BCC6B13C46B for ; Thu, 22 Feb 2007 00:49:30 +0000 (UTC) (envelope-from maksim.yevmenkin@gmail.com) Received: by nz-out-0506.google.com with SMTP id i11so14007nzh for ; Wed, 21 Feb 2007 16:49:30 -0800 (PST) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=H52BwksylfG/AkKU8yDuSxi3Y6ymVW4hdOMx7WTB0p0/lY56IFnjzN+IIKBp8Rn2QLPAPCque0LZsr96d3BueWU8HmG1G3AUW2OOcDDzwXBLfWt+nHVzmXpGP/38lveSPzodqXt/UgM1LcOThoHsgFx/TFDbFUZm2G93IMQ/g3g= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=OqYDrPGY0kge4oBNkwjoqD+Bha5O5WN42gfh28mU4Ba68HEZSetx34tyUr6Qe5YCvddGnoYacNJid4FQsdJ8TcfPflhxKjWKZbcdJHXb947XrAD2HkEUkcff44zNkZSLh+A4ZX5OE6dia7BYWVQ8Qs+ybmDoD22kNBx1bRuwILA= Received: by 10.65.186.14 with SMTP id n14mr75486qbp.1172105370081; Wed, 21 Feb 2007 16:49:30 -0800 (PST) Received: by 10.65.137.17 with HTTP; Wed, 21 Feb 2007 16:49:30 -0800 (PST) Message-ID: Date: Wed, 21 Feb 2007 16:49:30 -0800 From: "Maksim Yevmenkin" To: "Iain Hibbert" In-Reply-To: <1172096628.479674.24514.nullmailer@galant.ukfsn.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <1171997469.725737.13812.nullmailer@galant.ukfsn.org> <1172096628.479674.24514.nullmailer@galant.ukfsn.org> Cc: freebsd-bluetooth@freebsd.org Subject: Re: obexapp 1.4.5 X-BeenThere: freebsd-bluetooth@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Using Bluetooth in FreeBSD environments List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Feb 2007 00:49:31 -0000 On 2/21/07, Iain Hibbert wrote: > On Wed, 21 Feb 2007, Maksim Yevmenkin wrote: > > well, the sdp_session_open() is called before setgid()/setuid() so > > sdpd will mark this session as "privileged". once sdp session is open, > > obexapp can drop its privileges and still be able to register service > > with sdpd. > > I think the problem with my implementation of this is that the SCM_CREDS > information is sent alongside the first normal message, and because that > are not sent until after the setuid(), the credentials have changed.. ok > As I recall, for PEER_CREDS, sdpd actively queries the remote credentials > when as the socket is open - (it seems that a slight race condition could > exist there, or are the credentials passed the ones that were used to open > the socket?) i do not think so, from kern/uipc_usrreq.c ... /* * unp_peercred management: * * The connecter's (client's) credentials are copied from its * process structure at the time of connect() (which is now). */ cru2x(td->td_ucred, &unp3->unp_peercred); unp3->unp_flags |= UNP_HAVEPC; /* * The receiver's (server's) credentials are copied from the * unp_peercred member of socket on which the former called * listen(); unp_listen() cached that process's credentials * at that time so we can use them now. */ ... > I will look into this a bit more, maybe if I arrange to send() an zero > length message before changing the uid it may work, though I'm not sure > how well sdpd will handle that.. i'm not sure what are you suggesting thanks, max