From owner-freebsd-hackers Fri May 4 21:12:10 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from zeus.superscript.com (zeus.superscript.com [206.234.89.16]) by hub.freebsd.org (Postfix) with SMTP id 9501337B424 for ; Fri, 4 May 2001 21:12:07 -0700 (PDT) (envelope-from web@superscript.com) Received: (qmail 30751 invoked by uid 1008); 5 May 2001 04:12:11 -0000 Date: Sat, 5 May 2001 00:12:11 -0400 From: "William E. Baxter" To: Alfred Perlstein Cc: hackers@freebsd.org, dima@unixfreak.org Subject: Re: Getting peer credentials on a unix domain socket Message-ID: <20010505001211.A27676@zeus.superscript.com> References: <20010504214702.A29392@zeus.superscript.com> <20010505032213.3FD923E0B@bazooka.unixfreak.org> <20010504203457.V18676@fw.wintelcom.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <20010504203457.V18676@fw.wintelcom.net>; from alfred@freebsd.org on Fri, May 04, 2001 at 08:34:57PM -0700 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, May 04, 2001 at 08:34:57PM -0700, Alfred Perlstein wrote: > The silly part of it is that the socket's initial credentials > might be different than the holder's credentials. A user calls connect() with one set of credentials, subsequently changes credentials, and writes to the socket. Alternatively, the same user first changes credentials, then calls connect() and writes to the socket. So what? > What makes a lot more sense is packaging the messages with the > credentials using the existing interface rather than trusting > possibly stale credential information. My conditions are: 1. Server can obtain credentials of connect() caller (effective uid and gid suffice). 2. Server can obtain credentials without depending on client to send data. Condition (2) prevents local users from launching an anonymous DoS attack by calling connect() and sending no data. How does your approach satisfy condition (2)? W. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message