From web@kronos.superscript.com Mon Aug 14 07:51:26 2000 Return-Path: Received: from kronos.superscript.com (kronos.superscript.com [206.234.89.4]) by hub.freebsd.org (Postfix) with ESMTP id 913E537B7DA for ; Mon, 14 Aug 2000 07:51:20 -0700 (PDT) (envelope-from web@kronos.superscript.com) Received: (from web@localhost) by kronos.superscript.com (8.9.3/8.9.3) id RAA00919; Thu, 10 Aug 2000 17:42:12 -0500 (CDT) (envelope-from web) Message-Id: <200008102242.RAA00919@kronos.superscript.com> Date: Thu, 10 Aug 2000 17:42:12 -0500 (CDT) From: web-freebsd@superscript.com Sender: web@kronos.superscript.com Reply-To: web-freebsd@superscript.com To: FreeBSD-gnats-submit@freebsd.org Subject: getpeereid system call X-Send-Pr-Version: 3.2 >Number: 20600 >Category: bin >Synopsis: getpeereid obtains credentials from connect() >Confidential: no >Severity: non-critical >Priority: low >Responsible: dd >State: closed >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Mon Aug 14 08:00:05 PDT 2000 >Closed-Date: Sun Aug 19 17:05:10 PDT 2001 >Last-Modified: Sun Aug 19 17:05:34 PDT 2001 >Originator: William E Baxter >Release: FreeBSD 4.0-RELEASE i386 >Organization: SuperScript >Environment: FreeBSD kronos.superscript.com 4.0-RELEASE FreeBSD 4.0-RELEASE #3: Sat Jul 29 15:43:03 CDT 2000 web@kronos.superscript.com:/usr/src/sys/compile/GENERIC i386 >Description: A local-domain server obtains credentials reflecting the process that called connect() using getpeereid(). Credentials consist of effective user and group IDs. No action is required of the client (e.g. calling sendmsg). Credentials are passed at connect(), therefore clients are unable to consume connections anonymously. Furthermore, complications due to the client changing ID or calling fork() before sendmsg() do not enter. These are simply connection credentials and not message credentials. A patch for FreeBSD 4.0 is available at http://www.superscript.com/patches/freebsd_4_0.getpeereid The initial application for getpeereid() is ucspi-ipc, available with online documentation at http://www.superscript.com/ucspi-ipc/intro.html >How-To-Repeat: >Fix: >Release-Note: >Audit-Trail: Responsible-Changed-From-To: gnats-admin->freebsd-bugs Responsible-Changed-By: jedgar Responsible-Changed-When: Wed Aug 16 04:42:58 PDT 2000 Responsible-Changed-Why: Misfiled PR http://www.freebsd.org/cgi/query-pr.cgi?pr=20600 Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: sheldonh Responsible-Changed-When: Thu Aug 17 03:09:58 PDT 2000 Responsible-Changed-Why: This is something of an experiment. I'd like to see whether the assignment of network-related PR's to the freebsd-net list can be a productive exercise. http://www.freebsd.org/cgi/query-pr.cgi?pr=20600 Responsible-Changed-From-To: freebsd-net->freebsd-bugs Responsible-Changed-By: ru Responsible-Changed-When: Tue Jul 3 07:00:17 PDT 2001 Responsible-Changed-Why: Experiment has failed. peter's script can't handle this. It skips ^(freebsd|gnats) responsibles. Except a few special ones like freebsd-bugs, freebsd-doc, and freebsd-ports. http://www.FreeBSD.org/cgi/query-pr.cgi?pr=20600 Responsible-Changed-From-To: freebsd-bugs->dd Responsible-Changed-By: dd Responsible-Changed-When: Tue Jul 3 11:56:21 PDT 2001 Responsible-Changed-Why: I proposed something similar, so I'll take a look at this. http://www.FreeBSD.org/cgi/query-pr.cgi?pr=20600 State-Changed-From-To: open->closed State-Changed-By: dd State-Changed-When: Sun Aug 19 17:05:10 PDT 2001 State-Changed-Why: getpeereid(3) is implemented in -current in terms of the LOCAL_PEERCRED socket option. http://www.FreeBSD.org/cgi/query-pr.cgi?pr=20600 >Unformatted: