From owner-freebsd-hackers Fri Aug 28 23:27:15 1998
Return-Path:
Received: (from majordom@localhost)
    by hub.freebsd.org (8.8.8/8.8.8) id XAA19851
    for freebsd-hackers-outgoing; Fri, 28 Aug 1998 23:27:15 -0700 (PDT)
    (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from mail.camalott.com (mail.camalott.com [208.203.140.2])
    by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA19836
    for ; Fri, 28 Aug 1998 23:27:04 -0700 (PDT)
    (envelope-from joelh@gnu.org)
Received: from detlev.UUCP (tex-99.camalott.com [208.229.74.99])
    by mail.camalott.com (8.8.7/8.8.5) with ESMTP id BAA12278;
    Sat, 29 Aug 1998 01:24:38 -0500
Received: (from joelh@localhost)
    by detlev.UUCP (8.9.1/8.9.1) id BAA01509;
    Sat, 29 Aug 1998 01:22:48 -0500 (CDT)
    (envelope-from joelh)
Date: Sat, 29 Aug 1998 01:22:48 -0500 (CDT)
Message-Id: <199808290622.BAA01509@detlev.UUCP>
To: nbm@rucus.ru.ac.za
CC: luigi@labinfo.iet.unipi.it, chanders@timing.com, freebsd-hackers@FreeBSD.ORG, brhall@timing.com
In-reply-to: <19980828211404.A18096@rucus.ru.ac.za> (message from Neil Blakey-Milner on Fri, 28 Aug 1998 21:14:04 +0200)
Subject: Re: Help with passing fd on FreeBSD
From: Joel Ray Holveck
Reply-to: joelh@gnu.org
References: <199808281722.LAA10931@count.timing.com> <199808281628.SAA05374@labinfo.iet.unipi.it> <19980828211404.A18096@rucus.ru.ac.za>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>>>> Can someone give me pointers on passing open file descriptors on
>>>> FreeBSD?
>> still, this looks to me one of the most obscure interfaces in the OS.
>> Does any real application use that ?
> I think this could be used to point children towards files to read
> for further input, or something like that.

You've got it backwards.  To send a child process a fd at fork time,
you've just got to dup2 to a known (predetermined or passed at
runtime) fd before forking.

Mike mentioned using it to pass fd's (in his case, network sockets) to
a preforked process, but that's a slightly different case.

> I'm not terribly sure, but the children may then need not be run as
> root to read files not owned by their process id (one assumes the
                                        ^^^^^^^ user
> child uses set[gu]id).

Once a process has an fd, it stays, regardless of setuid's.  The
uid/gid is checked when a file is opened, but not after.  (This also
means that a process can receive a fd passed to it, either in its
creation (via fork) or by SCM_RIGHTS regardless of permissions.)

Emacs 20.4 will use the mechanism in just the way that Stevens'
example 1 mentioned.  It can launch a suid root child which can pass
it back an fd that Emacs would not otherwise be able to handle.  (It
does this to allow sysadmins to manipulate files as root while logged
in as a mortal, assuming authentication passes.)

> Of course, I'm sure there are better ways of doing these things.  I'm not
> sure how apache logs to files owned by other users (apache set[gu]id's its
> children), this may be the way.

It could easily open the files as root (and with O_APPEND) before
forking.

Happy hacking,
joelh

--
Joel Ray Holveck - joelh@gnu.org - http://www.wp.com/piquan
   Fourth law of programming:
   Anything that can go wrong wi
sendmail: segmentation violation - core dumped

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
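
The SCM_RIGHTS hand-off discussed in this message, as an added example that is not part of the original post or of any project it mentions: an opener creates a file, strips every mode bit and unlinks it, then passes the descriptor to a worker that was forked earlier and so could not have inherited it. The names send_fd, recv_fd and demo, the /tmp path and the "secret" payload are constructed for illustration.

```c
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>
union ctl { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; }; /* aligned cmsg buffer for one fd */

/* Send an open descriptor as SCM_RIGHTS ancillary data; 0 on success. */
int send_fd(int sock, int fd) {
    char byte = 'F';                 /* one byte of ordinary data carries the cmsg */
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    union ctl u; memset(&u, 0, sizeof u);
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS; c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof(int));
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

/* Receive one descriptor; returns its number in this process, or -1. */
int recv_fd(int sock) {
    union ctl u; char byte; int fd;
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    if (recvmsg(sock, &msg, 0) != 1) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (!c || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS ||
        c->cmsg_len != CMSG_LEN(sizeof(int))) return -1;   /* reject anything else */
    memcpy(&fd, CMSG_DATA(c), sizeof(int));
    return fd;
}

/* Constructed scenario: returns 0 if the worker read the file through the passed fd. */
int demo(void) {
    int sv[2], st; pid_t pid; char path[] = "/tmp/fdpassXXXXXX", buf[6];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0 || (pid = fork()) < 0) return -1;
    if (pid == 0) {                  /* worker: forked before the file exists, never calls open() */
        close(sv[0]); int fd = recv_fd(sv[1]);
        _exit(fd >= 0 && read(fd, buf, 6) == 6 && !memcmp(buf, "secret", 6) ? 0 : 1);
    }
    int fd = mkstemp(path);          /* opener: file is created with mode 0600 */
    if (fd < 0 || write(fd, "secret", 6) != 6 || lseek(fd, 0, SEEK_SET) != 0) return -1;
    if (fchmod(fd, 0) < 0 || unlink(path) < 0 || send_fd(sv[0], fd) < 0) return -1;
    close(fd); if (waitpid(pid, &st, 0) != pid) return -1;
    return WIFEXITED(st) && WEXITSTATUS(st) == 0 ? 0 : -1;
}
int main(void) { return demo() == 0 ? 0 : 1; }
```

Since nothing is re-checked after open, the flags the opener chose (read-only, or O_APPEND for a log file) are the only limit on what the receiver can do with the descriptor.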