Re: Socket credentials (take 2)

To: YAMAMOTO Takashi <yamt%mwd.biglobe.ne.jp@localhost>
Subject: Re: Socket credentials (take 2)
From: Elad Efrat <elad%NetBSD.org@localhost>
Date: Mon, 27 Apr 2009 03:54:20 +0300

On Mon, Apr 27, 2009 at 3:44 AM, YAMAMOTO Takashi
<yamt%mwd.biglobe.ne.jp@localhost> wrote:

>> or is there a different solution? or
>> am I missing the problem? :)
>
> i doubt if sodisconnect is the right place to free the credential.
> (i think i said this before.)
> is sodisconnect called for all sockets, even for non-connected ones?
> are you sure that so_cred will never be used after sodisconnect?

First let me apologize for not remembering this -- I did go over past
discussions and apparently missed it.

Anyway, you're 100% right. Doing it in sodisconnect() is pretty much
a bug. How about soput()? :)

(FWIW, FreeBSD puts it in sodealloc(), which looks like their
equivalent to our soput().)

> i guess that it's better to write something which actually use so_cred
> before commiting the patch.

I have uses for it both in tree (anything that uses uidinfo->ui_uid for
authorization, anything that uses so_egid) and planned (bluetooth
sockets receiving privileged requests).

Thanks,

-e.

References:
- Re: Socket credentials (take 2)
  - From: Elad Efrat
- Re: Socket credentials (take 2)
  - From: YAMAMOTO Takashi

Prev by Date: Re: Socket credentials (take 2)
Next by Date: re: More KAUTH_GENERIC_ISSUSER replacements
Previous by Thread: Re: Socket credentials (take 2)
Next by Thread: Re: Socket credentials (take 2)
Indexes:

Home | Main Index | Thread Index | Old Index