Date: Mon, 1 Nov 2004 18:27:56 +0100 (MET)
From: Jan Engelhardt <jengelh@linux01.gwdg.de>
To: John M Collins <jmc@xisl.com>
cc: linux-kernel@vger.kernel.org
Subject: Re: Fchown on unix domain sockets?
In-Reply-To: <200411011543.04881.jmc@xisl.com>
Message-ID: <Pine.LNX.4.53.0411011825010.5419@yvahk01.tjqt.qr>
References: <200410312255.00621.jmc@xisl.com> <200411011441.56524.jmc@xisl.com>
 <Pine.LNX.4.53.0411011546050.30106@yvahk01.tjqt.qr> <200411011543.04881.jmc@xisl.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=utf-8
Content-Transfer-Encoding: 8BIT
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1267
Lines: 30

>> >When I connect to it is the point. I want to set the permissions etc so
>> > that only the progams that are supposed to be talking to it talk to it.
>>
>> How about setting the permissions beforehand?
>
>We're talking about fchown not fchmod. Obviously you can set "umask" so that
>the appropriate permissions are on or off.

Whoops. Well, you said "permissions" in the topmost quoted thing.
Anyway, you could use ACLs to restrict connecting to a PF_UNIX
socket on a per user/group basis.

>I just thought it would be worth drawing attention to the fact that "fchown"
>silently does nothing and the whole thing is not documented anywhere (even on
>OSes which give an error code). It just seemed a gap worth plugging.

Now the message is clear. Glibc info pages maintained by
glibc-bugs@gnu.org (IIRC), man pages now maintained by (sorry forgot
the addr, but take a look on LKML archive for this day).


Jan Engelhardt
-- 
Gesellschaft für Wissenschaftliche Datenverarbeitung
Am Fassberg, 37077 Göttingen, www.gwdg.de
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/