To: David Malone
Cc: arch@freebsd.org
Subject: Re: Peer credentials on a Unix domain socket
In-Reply-To: <200107041002.aa78002@salmon.maths.tcd.ie>; from dwmalone@maths.tcd.ie on "Wed, 04 Jul 2001 10:02:35 +0100"
Date: Wed, 04 Jul 2001 02:35:36 -0700
From: Dima Dorfman
Message-Id: <20010704093536.7E2E53E31@bazooka.unixfreak.org>

David Malone writes:
> > With my implementation, the credentials are stored at connect(2) time.
> > In some bizarre cases, this may even be preferred to the credentials
> > at write(2) time. Of course, having both would be nice :-).
>
> If we wanted to be consistent with the tcp/udp getcred code we should
> be getting the creds of the person who did the socket(2) call ;-)
>
> I guess it's a matter of figuring out what the likely uses are and
> what the most sensible semantics are based on those.

Here's one example use: http://www.superscript.com/ucspi-ipc/intro.html.
This author actually provides patches for *BSD to implement
getpeereid(), and I believe--although I haven't checked--that OpenBSD
just took his patch. (And as I said before, I really think a system
call is overdoing it for something like this, esp. when there's
already a nice socket option interface.)

> I was working
> on making a non-suid version of crontab[*] which used SCM_CREDS
> and SCM_RIGHTS. I was using a datagram socket 'cos it avoided the
> problem of having to listen and accept. In this case, having the
> credentials attached to the data you receive means that there was
> less doubt about who made the request.
>
> I wonder how OpenBSD are using getpeerid and what its semantics
> are?

The semantics are very similar to my patch.

> Do we know the intended uses of any of other options which
> people have implemented?

AFAIK, they aren't using it (read: I haven't seen any commit logs that
suggest they're using it, although OpenBSD's commit logs are
notoriously terse), and I don't know what their intended uses are.

> (Maybe we should just implement a way of getting the creds of the
> caller of socket, connect or write and let application writers
> choose).

If we do this it would be nice if it were consistent, although I don't
know how useful it would be to know who called socket(2).

Dima Dorfman
dima@unixfreak.org