Bugtraq mailing list archives
Re: Why you should avoid world-writable directories
From: thorpej () NAS NASA GOV (Jason Thorpe)
Date: Thu, 24 Dec 1998 22:16:16 -0800
On Thu, 24 Dec 1998 00:50:48 -0800 Jason Thorpe <thorpej () nas nasa gov> wrote:
On Wed, 23 Dec 1998 09:28:35 +1100 Darren Reed <avalon () coombs anu edu au> wrote: > In a way, that is exactly the type of thing he is referring to, BUT, > LOCAL_CREDS must be supplied to be received as opposed to just "looked up" > with getpeeruid() (my understanding anyway). Yes, they are a control message. This works well for SOCK_DGRAM, but not as well for SOCK_STREAM, since w/ SOCK_STREAM you can connect and then never send any data, thus the task wanting the credentials never gets them.
Actually, let me clarify this just a little. I was pretty tired when I wrote that reply :-) The credentials are supplied by the kernel. The kernel prevents the sender from supplying them, for obvious reasons. Upon reception of any datagram on a LOCAL_CREDS-enabled socket, the credentials are available in a control message. There is one credentials message per datagram if the option is enabled. For stream sockets, the credentials are supplied only once, when the sender first sends data. If the sender never sends data, the receiver never recieves the credentials. In any case, if you (the receiver) enable LOCAL_CREDS on the socket, the only work you have to do is the receive of the control message and parsing of it. The sending application does no additional work. It is out of the loop as far as the sending of credentials is concerned. I don't really see any value in getpeeruid() since it can _only_ apply to Unix domain sockets. Why invent a system call with no other use when you can just use existing general-purpose interfaces? Jason R. Thorpe thorpej () nas nasa gov NASA Ames Research Center Home: +1 408 866 1912 NAS: M/S 258-5 Work: +1 650 604 0935 Moffett Field, CA 94035 Pager: +1 650 940 5942
Current thread:
- Re: Why you should avoid world-writable directories Ben Laurie (Dec 22)
- Re: Why you should avoid world-writable directories Darren Reed (Dec 22)
- Re: Why you should avoid world-writable directories Rich Burroughs (Dec 22)
- Re: Why you should avoid world-writable directories Wietse Venema (Dec 22)
- <Possible follow-ups>
- Re: Why you should avoid world-writable directories Nick Maclaren (Dec 22)
- Re: Why you should avoid world-writable directories Jason Thorpe (Dec 24)
- Re: Why you should avoid world-writable directories Alan Cox (Dec 24)
- Administrivia Aleph One (Dec 26)
- Nlog 1.1b released - security holes fixed HD Moore (Dec 26)
- referer problems... Spencer Portee - Yard Productions (Dec 26)
- Re: Why you should avoid world-writable directories Jason Thorpe (Dec 24)
- Re: Why you should avoid world-writable directories Bill Paul (Dec 26)
- Re: Why you should avoid world-writable directories Robert Watson (Dec 27)
- Re: Why you should avoid world-writable directories Bill Paul (Dec 26)