Subject: Re: TCPCTL_IDENT (Was: CVS commit: src/etc)
To: Noriyuki Soda <soda@sra.co.jp>
From: Klaus Klein <kleink@reziprozitaet.de>
List: tech-security
Date: 05/02/2003 17:53:06

Noriyuki Soda <soda@sra.co.jp> writes:

> >>>>> On Fri, 02 May 2003 23:24:58 +1000,
> 	Simon Burge <simonb@wasabisystems.com> said:
> 
> >> And that might open another security problem
> >> because any user can query the owner of any TCP connection now.
> 
> > I don't have any idea of security implications of this.  Anyone know
> > better?
> 
> It has been possible before TCPCTL_IDENT, by just using /usr/bin/fstat.

But unlike TCPCTL_IDENT, fstat can be restricted easily by changing
its file permissions (albeit coarsely).


- Klaus