Date: Fri, 04 May 2001 16:05:39 -0700 From: Dima Dorfman <dima@unixfreak.org> To: hackers@freebsd.org Subject: Getting peer credentials on a unix domain socket Message-ID: <20010504230540.00BEE3E0B@bazooka.unixfreak.org>
next in thread | raw e-mail | index | archive | help
Is there a reliable method of obtaining the credentials (uid/gid) of a peer (SOCK_STREAM sockets only, obviously) on a unix domain socket? All the Stevens books I have suggest that there isn't, but I'm wondering if something has been developed since those books were published. Note that a BSD/OS-like LOCAL_CREDS socket opt is not sufficient because using the latter the process must wait until the peer sends something before they can learn its credentials. If this process intends to drop the connection if it's not from an authorized source, this may lead to a DoS attack. Timers don't help, either; think of TCP SYN flood-like attacks. Thanks, Dima Dorfman dima@unixfreak.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010504230540.00BEE3E0B>