diff options
| author | wpaul <wpaul@FreeBSD.org> | 1997-03-21 16:12:32 +0000 |
|---|---|---|
| committer | wpaul <wpaul@FreeBSD.org> | 1997-03-21 16:12:32 +0000 |
| commit | cdd7ea42624c882c277e717173e0d9f2d4edfbd1 (patch) | |
| tree | 4c9acd2b85ec891acf70c2c3de953ed480bd654e /lib/libc/stdio/fopen.c | |
| parent | 61cded15d6400a98014df014cb90523b2a94edd4 (diff) | |
| download | FreeBSD-src-cdd7ea42624c882c277e717173e0d9f2d4edfbd1.zip FreeBSD-src-cdd7ea42624c882c277e717173e0d9f2d4edfbd1.tar.gz | |
Add support to sendmsg()/recvmsg() for passing credentials between
processes using AF_LOCAL sockets. This hack is going to be used with
Secure RPC to duplicate a feature of STREAMS which has no real counterpart
in sockets (with STREAMS/TLI, you can apparently use t_getinfo() to learn
UID of a local process on the other side of a transport endpoint).
What happens is this: the client sets up a sendmsg() call with ancillary
data using the SCM_CREDS socket-level control message type. It does not
need to fill in the structure. When the kernel notices the data,
unp_internalize() fills in the cmesgcred structure with the sending
process' credentials (UID, EUID, GID, and ancillary groups). This data
is later delivered to the receiving process. The receiver can then
perform the follwing tests:
- Did the client send ancillary data?
o Yes, proceed.
o No, refuse to authenticate the client.
- The the client send data of type SCM_CREDS?
o Yes, proceed.
o No, refuse to authenticate the client.
- Is the cmsgcred structure the right size?
o Yes, proceed.
o No, signal a possible error.
The receiver can now inspect the credential information and use it to
authenticate the client.
Diffstat (limited to 'lib/libc/stdio/fopen.c')
0 files changed, 0 insertions, 0 deletions
