Date: Thu, 22 Feb 2007 13:08:33 -0800 From: "Maksim Yevmenkin" <maksim.yevmenkin@gmail.com> To: "Iain Hibbert" <plunky@rya-online.net> Cc: freebsd-bluetooth@freebsd.org Subject: Re: obexapp 1.4.5 Message-ID: <bb4a86c70702221308h7a5dbc36j7ccd263d615c05c0@mail.gmail.com> In-Reply-To: <1172174340.896345.1439.nullmailer@galant.ukfsn.org> References: <45dd83a3.33a.2350.278725879@rya-online.net> <bb4a86c70702220943m4761c2abh770a19602d793f14@mail.gmail.com> <1172174340.896345.1439.nullmailer@galant.ukfsn.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2/22/07, Iain Hibbert <plunky@rya-online.net> wrote: > On Thu, 22 Feb 2007, Maksim Yevmenkin wrote: > > > ah, i see. i was thinking exactly the same, except that i would like > > to make authentication procedure between local sdp client and local > > sdp server well defined and mandatory. > > Hmm, maybe with an AUTH Request/Response rather than credential check? I'm > not sure if that would be a lot of work..? i doubt that we need to go this route. that is just for the local clients. imo, credentials should be more then enough. > I had a thought before about adding an option to permit group access to > the server (eg "-G staff"), and this would not seem so very difficult to > implement (maybe even multiple groups..) yes, i had the same idea too. it's trivial to implement - just need to pass list of user ids and/or group ids that allowed to register services with sdpd. then check credentials against those lists. > > right now, sdpd simply uses getsockopt() to pull cached (inside > > socket) peers credentials (i.e. no messages flow between the client > > and the server) > > Yeah, thats a FreeBSD extension though and so far as I recall, I think > there was some resistance to including it in NetBSD for whatever reason. ok > I didn't get around to the zero length packets, but the following diff > which moves the ServerRegister up before the setuid() calls does the job > for NetBSD at least.. looks reasonable. i will take a closer look and commit this and other patches later. thanks, max
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bb4a86c70702221308h7a5dbc36j7ccd263d615c05c0>