Date: Mon, 25 Nov 1996 12:40:50 -0600 From: jlemon@americantv.com (Jonathan Lemon) To: wpaul@skynet.ctr.columbia.edu (Bill Paul) Cc: hackers@FreeBSD.org Subject: Re: looking for an idea Message-ID: <199611251840.SAA21376@right.PCS> In-Reply-To: <199611242122.QAA02399@skynet.ctr.columbia.edu>; from Bill Paul on Nov 24, 1996 16:22:57 -0500 References: <199611242122.QAA02399@skynet.ctr.columbia.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
> semaphore -- Gaaahhh!!). Previously, I also experimented with > sending a file descriptor over the AF_UNIX socket from the client > to the server using sendmsg()/revcmsg(), but this doesn't provide > any useful (i.e. trustworthy) information either. I thought about Hm. I think this is probably the right track. What you want is some way for the process on the other end of the pipe to prove it's identity to the server. How about having the client create a file of mode 000, and then pass that open file descriptor back to the server? Since it's mode 000, only the owner of the file could have opened it (or chowned it to 000). The file can either be created randomly by the client, or specified by the server. The server can then use the fstat() call on the passed file descriptor to verify that the mode is 000, and that the file was indeed opened by the remote process. It also gets the uid from the fstat() call. -- Jonathan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611251840.SAA21376>