On Aug 21, 2009, at 12:24 PM, Stephen J. Butler wrote:
The second bit of information is that permissions are tested at
the time
of the open(). Once you have the file descriptor, you can use it
without
further checks.
That's the bit that confuses me, because it seems to be a security
gap. It
sounds like I could just spawn an application which reads from
every single
file descriptor from 1 on up. If any other process opened a
protected file
then my app could read its data without any security check at all?
That
doesn't seem right.
File descriptors are not shared between processes; hence all the hoop
jumping with sendmsg/recvmsg.
Oooohhhhhhhhhhh!!!
Well that changes everything. I see now that I just didn't drill down
to the actual sending of this fd properly. Now I see that there is
indeed a call to sendmsg. Thanks that perfectly clears everything up.
--
Seth Willits
_______________________________________________
Cocoa-dev mailing list ([email protected])
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com
This email sent to [email protected]
