Date: Mon, 4 Feb 2008 12:54:44 +0100 From: "Heiko Wundram (Beenic)" <wundram@beenic.net> To: freebsd-questions@freebsd.org Subject: Re: unix domain socket security and PID retrieval Message-ID: <200802041254.44475.wundram@beenic.net> In-Reply-To: <20080204043021.1a8ee670@vixen42> References: <20080204043021.1a8ee670@vixen42>
next in thread | previous in thread | raw e-mail | index | archive | help
Am Montag, 4. Februar 2008 11:30:21 schrieb Zane C.B.: > Been starting to look into writing some stuff that uses unix domain > sockets, but I've been running into the problem of figuring out what > the calling PID is on the other end. > > Any suggestions on where I should begin to look? > > As it currently stands, I am looking at doing this with perl. Check out man 3 sendmsg and man 3 recvmsg (which should be wrapped in Perl in some way or another), and passing SCM_CREDS messages between the two processes. The SCM_CREDS message is filled in my the kernel, so there's no way (unless the other side is "root") to spoof the credentials information. This requires that the sending end willingly sends SCM_CREDS (and the receiver uses recvmsg to query for it), and sends at least one byte of data along with the ancilliary message. -- Heiko Wundram Product & Application Development
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200802041254.44475.wundram>