Re: Socket credentials (take 2)

To: Elad Efrat <elad%netbsd.org@localhost>
Subject: Re: Socket credentials (take 2)
From: matthew sporleder <msporleder%gmail.com@localhost>
Date: Sat, 25 Apr 2009 11:01:37 -0400

On 4/25/09, Elad Efrat <elad%netbsd.org@localhost> wrote:
> matthew sporleder wrote:
>
> > On 4/24/09, Elad Efrat <elad%netbsd.org@localhost> wrote:
> >
> > > Hi,
> > >
> > >
> > >  - Since the credentials on the socket should not change (I think!)
> > >    maybe we should introduce some way to mark them as a "snapshot",
> > >        "immutable", or "static"?
> > >
> >
> > I can actually think of a lot of useful situations where I would like
> > to change the owner and permissions of a socket, but I don't know of
> > any programs that support it.
> >
> > Could you hook this into the kauth_network or kauth_process scope?
> >
>
>  Hook what? the ability to change a socket's credentials? if yes, I think
>  that functionality belongs somewhere outside the "scopes" (for example,
>  a program like tcpdrop, only that it changes socket credentials) --
>  otherwise, you'll have to elaborate on what you want to do.
>

I was thinking about something like the peruser apache mpm in a
mod_dav setup- after a user connects the socket can change to his uid.
 (although I was probably reaching and really thinking about the whole
child process)

References:
- Socket credentials (take 2)
  - From: Elad Efrat
- Re: Socket credentials (take 2)
  - From: matthew sporleder
- Re: Socket credentials (take 2)
  - From: Elad Efrat

Prev by Date: Re: Socket credentials (take 2)
Next by Date: Re: CVS commit: src/sys/kern
Previous by Thread: Re: Socket credentials (take 2)
Next by Thread: Re: Socket credentials (take 2)
Indexes:

Home | Main Index | Thread Index | Old Index