Re: Changing uid of another process?

Rik van Riel (H.H.vanRiel@phys.uu.nl)
Sat, 11 Jul 1998 05:59:33 +0200 (CEST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Michael L. Galbraith: "Re: kernel symbol problem, 2.1.108ac2"
Previous message: D.A. Harris: "setfont and PIO_FONT ioctl errors"

On Fri, 10 Jul 1998, Alexander Kjeldaas wrote:
> On Fri, Jul 10, 1998 at 04:22:55PM +0200, Rik van Riel wrote:
> > On Fri, 10 Jul 1998 bofh@diegeekdie.com wrote:
> >
> > > A better solution is perhapps to extend the unix domain sockets instead,
> > > so they can transfer uids/gids just like they can transfer
> > > filedescriptors? Is this something that could be added to the standard
> > > kernel if it was implemented?
>
> You can't _pass_ credentials on unix domain sockets as he describes,
> you can only pass _information about_ your credentials. Passing
> credentials on a unix domain socket would also be a better way of
> setting capabilities than relying on pid as identification.

Passing credentials by means of a Unix domain socket would
open up such an awful lot of security holes that we'd be
better of having just PID identification :)

Rik.
+-------------------------------------------------------------------+
| Linux memory management tour guide. H.H.vanRiel@phys.uu.nl |
| Scouting Vries cubscout leader. http://www.phys.uu.nl/~riel/ |
+-------------------------------------------------------------------+

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html

Next message: Michael L. Galbraith: "Re: kernel symbol problem, 2.1.108ac2"
Previous message: D.A. Harris: "setfont and PIO_FONT ioctl errors"