tech-net archive


Re: Proposal to automatically make the owner/user of an accepted socket the current process





On 5 Jun 2025, at 11:12 PM, Thor Lancelot Simon <tls%panix.com@localhost> wrote:

> On Thu, Jun 05, 2025 at 04:36:43PM +0000, Emmanuel Nyarko wrote:
>> Errmmm, I was thinking that it maybe becomes a default behavior.
>>
>> I mean every socket should be owned by the process that the socket was created for.
>
> What will happen when a socket changes hands by file descriptor passing
> over a Unix domain socket?

So after a short reading, I discovered Unix Domain Sockets also use file descriptors for data exchange (communication).

But the reason I want to add this support is for NPF to be able to give user-based security to Unix servers in the network layer. Like being able to allow or deny certain users on a server from giving out resources. So maybe for now, even if I’m doing it as opt-in, I can still exempt UDS from it because I don’t think it will add anything to Unix Domain Sockets.

Like an initial

    if domain (address family) != AF_LOCAL (or AF_UNIX)
        check.

> Thor

A scoffer seeks wisdom in vain, but knowledge is easy for a man of understanding.
Emmanuel
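
The descriptor-passing case raised in the question above, as an added example (not code from the thread or from NetBSD): a process creates an AF_INET socket and hands it to a child over an AF_LOCAL socketpair with SCM_RIGHTS, so the process holding the socket is no longer the one that created it. A plain socket() stands in for an accepted socket, and the function names are made up for this example.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Move one descriptor across the AF_LOCAL channel with a 1-byte message.
 * sending != 0: attach fd as SCM_RIGHTS, return 0/-1; else return the fd received. */
static int xfer_fd(int chan, int fd, int sending) {
    union { struct cmsghdr h; char buf[CMSG_SPACE(sizeof(int))]; } u;
    char byte = 'x';
    struct iovec iov = { &byte, 1 };
    struct msghdr m;
    memset(&m, 0, sizeof m); memset(&u, 0, sizeof u);
    m.msg_iov = &iov; m.msg_iovlen = 1;
    m.msg_control = u.buf; m.msg_controllen = sizeof u.buf;
    struct cmsghdr *c = CMSG_FIRSTHDR(&m);
    if (sending) {
        c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
        c->cmsg_len = CMSG_LEN(sizeof(int));
        memcpy(CMSG_DATA(c), &fd, sizeof fd);
        return sendmsg(chan, &m, 0) == 1 ? 0 : -1;
    }
    if (recvmsg(chan, &m, 0) != 1 || !(c = CMSG_FIRSTHDR(&m)) ||
        c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS) return -1;
    memcpy(&fd, CMSG_DATA(c), sizeof fd);
    return fd;
}

/* 1 if the child ends up holding an AF_INET socket it never created or
 * accepted, 0 if it does not, -1 if the parent could not set up or send. */
int handoff_reaches_other_process(void) {
    int sp[2], status = -1;
    if (socketpair(AF_LOCAL, SOCK_STREAM, 0, sp) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                              /* child: receiving side */
        struct sockaddr_storage ss; socklen_t len = sizeof ss;
        close(sp[0]);
        int fd = xfer_fd(sp[1], -1, 0);
        _exit((fd >= 0 && getsockname(fd, (struct sockaddr *)&ss, &len) == 0
               && ss.ss_family == AF_INET) ? 0 : 1);
    }
    int s = socket(AF_INET, SOCK_STREAM, 0);     /* after fork(): not inherited */
    int sent = s >= 0 && xfer_fd(sp[0], s, 1) == 0;
    close(sp[0]);                                /* EOF for child if nothing was sent */
    waitpid(pid, &status, 0);
    return sent ? (WIFEXITED(status) && WEXITSTATUS(status) == 0) : -1;
}
int main(void) { return handoff_reaches_other_process() == 1 ? 0 : 1; }
```

The AF_LOCAL socket is only the carrier here; the descriptor that changes hands is the AF_INET one.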






