User credentials on a unix datagram socket
From: John Kelly
Date: Sun Oct 05 2008 - 18:01:45 EST
The socket(7) man page seems to imply that user credentials cannot be
sent on a unix datagram socket, unless socketpair() created it.
> SO_PEERCRED
> Return the credentials of the foreign process connected to this socket.
> This is only possible for connected AF_UNIX stream sockets and AF_UNIX
> stream and datagram socket pairs created using socketpair(2);
But through trial and error, without reading any kernel source, I
learned that you can send user credentials on a regular unix datagram
socket which was not created with socketpair().
I'm unsure what SO_PEERCRED is intended for; I used SO_PASSCRED in my
server code, and it works. I'm glad it does. Stream sockets would
require a file descriptor for each client. Ugh. What I want to do is
so much simpler with datagram sockets.
I have sample code at ftp://ftp.isp2dial.com/users/jak/src/test/uxdg/
I hope someone will revise the man page and explain that you can pass
user credentials on a unix datagram socket, even one not created with
socketpair().
This is a very useful feature. Please keep it in the kernel!
--
Webmail for Dialup Users
http://www.isp2dial.com/freeaccounts.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/