From owner-freebsd-hackers Mon Nov 25 10:42:39 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA29310 for hackers-outgoing; Mon, 25 Nov 1996 10:42:39 -0800 (PST) Received: from sumatra.americantv.com (sumatra.americantv.com [199.184.181.250]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id KAA29293 for ; Mon, 25 Nov 1996 10:42:28 -0800 (PST) Received: from right.PCS (right.pcs. [148.105.10.31]) by sumatra.americantv.com (8.7.6/8.7.3) with ESMTP id MAA17907; Mon, 25 Nov 1996 12:09:24 -0600 (CST) Received: (jlemon@localhost) by right.PCS (8.6.13/8.6.4) id SAA21376; Mon, 25 Nov 1996 18:40:52 GMT Message-Id: <199611251840.SAA21376@right.PCS> Date: Mon, 25 Nov 1996 12:40:50 -0600 From: jlemon@americantv.com (Jonathan Lemon) To: wpaul@skynet.ctr.columbia.edu (Bill Paul) Cc: hackers@FreeBSD.org Subject: Re: looking for an idea References: <199611242122.QAA02399@skynet.ctr.columbia.edu> X-Mailer: Mutt 0.48.1 Mime-Version: 1.0 In-Reply-To: <199611242122.QAA02399@skynet.ctr.columbia.edu>; from Bill Paul on Nov 24, 1996 16:22:57 -0500 Sender: owner-hackers@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk > semaphore -- Gaaahhh!!). Previously, I also experimented with > sending a file descriptor over the AF_UNIX socket from the client > to the server using sendmsg()/revcmsg(), but this doesn't provide > any useful (i.e. trustworthy) information either. I thought about Hm. I think this is probably the right track. What you want is some way for the process on the other end of the pipe to prove it's identity to the server. How about having the client create a file of mode 000, and then pass that open file descriptor back to the server? Since it's mode 000, only the owner of the file could have opened it (or chowned it to 000). The file can either be created randomly by the client, or specified by the server. The server can then use the fstat() call on the passed file descriptor to verify that the mode is 000, and that the file was indeed opened by the remote process. It also gets the uid from the fstat() call. -- Jonathan