On 2/22/07, Iain Hibbert <[EMAIL PROTECTED]> wrote:
On Thu, 22 Feb 2007, Maksim Yevmenkin wrote:
> ah, i see. i was thinking exactly the same, except that i would like
> to make authentication procedure between local sdp client and local
> sdp server well defined and mandatory.
Hmm, maybe with an AUTH Request/Response rather than credential check? I'm
not sure if that would be a lot of work..?
i doubt that we need to go this route. that is just for the local
clients. imo, credentials should be more then enough.
I had a thought before about adding an option to permit group access to
the server (eg "-G staff"), and this would not seem so very difficult to
implement (maybe even multiple groups..)
yes, i had the same idea too. it's trivial to implement - just need to
pass list of user ids and/or group ids that allowed to register
services with sdpd. then check credentials against those lists.
> right now, sdpd simply uses getsockopt() to pull cached (inside
> socket) peers credentials (i.e. no messages flow between the client
> and the server)
Yeah, thats a FreeBSD extension though and so far as I recall, I think
there was some resistance to including it in NetBSD for whatever reason.
ok
I didn't get around to the zero length packets, but the following diff
which moves the ServerRegister up before the setuid() calls does the job
for NetBSD at least..
looks reasonable. i will take a closer look and commit this and other
patches later.
thanks,
max
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bluetooth
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
