Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 4 Feb 2008 13:38:37 -0600
From:      "Zane C.B." <v.velox@vvelox.net>
To:        "Heiko Wundram (Beenic)" <wundram@beenic.net>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: unix domain socket security and PID retrieval
Message-ID:  <20080204133837.3c3b3b67@vixen42>
In-Reply-To: <200802041536.30469.wundram@beenic.net>
References:  <20080204043021.1a8ee670@vixen42> <200802041254.44475.wundram@beenic.net> <20080204082152.2129c3c6@vixen42> <200802041536.30469.wundram@beenic.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Mon, 4 Feb 2008 15:36:30 +0100
"Heiko Wundram (Beenic)" <wundram@beenic.net> wrote:

> Am Montag, 4. Februar 2008 15:21:52 schrieb Zane C.B.:
> > I've come across that mentioned in unix(4). There is no support
> > for it in regards to Perl. Another problem is it requires support
> > for that on both ends.
> >
> > More and more it looks like getting either PID and/or user info
> > about the other process connecting up to it is impossible, with
> > out writing some sort of authentication system for the two to use
> > or both ends have to support the LOCAL_CREDS stuff.
> 
> I cannot believe that this doesn't exist for Perl (everything
> exists for Perl in one way or another...), and anyway, a quick
> search on CPAN found this, which looks as though it's (at least
> part of) what you're looking for:
> 
> http://search.cpan.org/~mjp/Socket-MsgHdr-0.01/MsgHdr.pm
> 
> Finally, thinking back to the last time I used SCM_CREDS on Linux
> (which is a loooong time ago), I'm not even sure that the sender
> has to send an SCM_CREDS message (which would invalidate my former
> reply); I think it's enough if the receiver requests to get one
> (which will be filled in by the kernel), see the description in the
> referenced page above which shows you how to set up the
> corresponding recvmsg call.
> 
> Sending one is only required in case the sender is root and wants
> to spoof it's credentials to the remote process (IIRC).

Thanks. I did not think to try a search for that. I was trying
various combinations involving the word unix and socket.

I've gotten it installed now and will post with how it works out.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080204133837.3c3b3b67>