On Wed, 2013-10-16 at 10:46 +0200, Samuel Thibault wrote: > Svante Signell, le Wed 16 Oct 2013 09:50:27 +0200, a écrit :
> > Also, you need to check that it works when the sender and the receiver > don't have the same uid/gid/etc., e.g. root sending to a normal user > (which is one of the most used cases). Will do. > > So let's be serious, which entries are part of the ancillary data to > > check: pid, auid, agid, euid, egid (not in scm_creds), cmcred_groups[]? > > All of them. Everything that is provided in cmsgcred is supposed to have > been checked by the operating system as being correct. How to handle case where not all ancillary data is sent, e.g. groups missing? The header file socket.h states the following: /* Structure delivered by SCM_CREDS. This describes the identity of the sender of the data simultaneously received on the socket. By BSD convention, this is included only when a sender on a AF_LOCAL socket sends cmsg data of this type and size; the sender's structure is ignored, and the system fills in the various IDs of the sender process. */ Should we follow the BSD convention and completely ignore sent ancillary data as kFreeBSD does? > > E.g. where to add the groups data, on the transmit or receive side? > > Well, just like other fields: the transmit side should send it, and the > receive side should check them. I don't see what poses problem. Ok, I'll fix that. -- To UNSUBSCRIBE, email to debian-hurd-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1381915589.21791.5.ca...@g3620.my.own.domain