From: David Malone
To: Dima Dorfman
Cc: David Malone, arch@freebsd.org
Subject: Re: Peer credentials on a Unix domain socket
Date: Wed, 04 Jul 2001 10:56:02 +0100
Message-ID: <200107041056.aa84171@salmon.maths.tcd.ie>
In-reply-to: Your message of "Wed, 04 Jul 2001 02:35:36 PDT." <20010704093536.7E2E53E31@bazooka.unixfreak.org>

> Here's one example use: http://www.superscript.com/ucspi-ipc/intro.html.
> This author actually provides patches for *BSD to implement getpeereid(),
> and I believe--although I haven't checked--that OpenBSD just took his
> patch. (And as I said before, I really think a system call is overdoing it
> for something like this, esp. when there's already a nice socket option
> interface.)

Interesting - I guess this is a little like the inetd unix domain
socket stuff, only it sets some extra environment variables. I guess
it would make sense to have inetd set these variables too.

I see some mention of SO_PEERCRED for Linux - we should probably
find out what was done here and implement something compatible?
(Lest we be accused of suffering from NIH). We could then also
implement getpeercred in terms of this and implement the BSDI socket
option. That should cover most bases.

> > Do we know the intended uses of any of the other options which
> > people have implemented?
> AFAIK, they aren't using it (read: I haven't seen any commit logs that
> suggest they're using it, although OpenBSD's commit logs are
> notoriously terse), and I don't know what their intended uses are.

I'll try grepping for it in the OpenBSD CVS tree and see.

> > (Maybe we should just implement a way of getting the creds of the
> > caller of socket, connect or write and let application writers
> > choose).

> If we do this it would be nice if it were consistent, although I don't
> know how useful it would be to know who called socket(2).

The person who called socket is usually the person who called connect
(maybe in more cases than the connecting and writing user match?)
I guess the advantage is that someone always calls socket, but not
always does someone call connect.

	David.