Date: Tue, 26 Nov 1996 10:23:39 +0100 (MEZ) From: "Hr.Ladavac" <lada@ws2301.gud.siemens.co.at> To: jlemon@americantv.com (Jonathan Lemon) Cc: wpaul@skynet.ctr.columbia.edu, hackers@freebsd.org Subject: Re: looking for an idea Message-ID: <199611260923.AA137920219@ws2301.gud.siemens.co.at> In-Reply-To: <199611251840.SAA21376@right.PCS> from "Jonathan Lemon" at Nov 25, 96 12:40:50 pm
next in thread | previous in thread | raw e-mail | index | archive | help
E-mail message from Jonathan Lemon contained: > > semaphore -- Gaaahhh!!). Previously, I also experimented with > > sending a file descriptor over the AF_UNIX socket from the client > > to the server using sendmsg()/revcmsg(), but this doesn't provide > > any useful (i.e. trustworthy) information either. I thought about > > Hm. I think this is probably the right track. What you want is some way > for the process on the other end of the pipe to prove it's identity to the > server. > > How about having the client create a file of mode 000, and then pass that > open file descriptor back to the server? Since it's mode 000, only the > owner of the file could have opened it (or chowned it to 000). The file can > either be created randomly by the client, or specified by the server. Won't work on SysV. Anyone can chown(2) his own files to anyone else. The funny thing about it is that they claim they support quotas :) But if you restrict yourself to .*BSD, it might work. /Marino > > The server can then use the fstat() call on the passed file descriptor to > verify that the mode is 000, and that the file was indeed opened by the > remote process. It also gets the uid from the fstat() call. > -- > Jonathan >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611260923.AA137920219>