Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 28 May 2009 10:18:17 +0530
From:      Sujit K M <kmsujit@gmail.com>
To:        Zachary Loafman <zml@freebsd.org>
Cc:        steven.danneman@isilon.com, freebsd-arch@freebsd.org
Subject:   Re: pthread_setugid_np
Message-ID:  <74fe56020905272148q680cdc05tb572d576a4c3ff2b@mail.gmail.com>
In-Reply-To: <74fe56020905272133r3f2ab491t962c6d0fe900e9d0@mail.gmail.com>
References:  <20090528000147.GB3704@isilon.com> <74fe56020905271931l4c8d4677h3bbcce6d8c8a8605@mail.gmail.com> <20090528024640.GC9388@isilon.com> <74fe56020905272039h6aed0724u38dbc25d0a1be6a7@mail.gmail.com> <20090528041236.GA14687@isilon.com> <74fe56020905272133r3f2ab491t962c6d0fe900e9d0@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
As per the Apple Documentation:

In some cases it is helpful to impersonate the user, at least as far
as the permissions checking done by the BSD subsystem of the kernel. A
single-threaded daemon can do this using seteuid and setegid. These
set the effective user and group ID of the process as a whole. This
will cause problems if your daemon is using multiple threads to handle
requests from different users. In that case you can set the effective
user and group ID of a thread using pthread_setugid_np. This was
introduced in Mac OS X 10.4.

(AT) http://developer.apple.com/technotes/tn2005/tn2083.html


I think this is a part of the BSD (Mach) subsystem.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?74fe56020905272148q680cdc05tb572d576a4c3ff2b>