On Wed, 2014-04-16 at 12:07 +0200, Rafał Krypa wrote: > On 2014-04-16 09:13, Patrick Ohly wrote: > > How will the app receive the reply if it can't read from the "User" > > domain? My guess is that this works because the data that it needs to > > read was explicitly written to by a service in the "User" domain, but I > > am not sure. > > Communication over UDS requires only write permissions. The client > (connecting side) needs write access to the server. The server should > also require write access to the client. The latter was found missing > is Smack as well, but it's already patched (not backported to Tizen > kernel yet).
So when connecting to the UDS of a service, the client does fd = socket(AF_UNIX, SOCK_STREAM), then connect(fd, path), and it will get a read/write fd connected to the service even if it only has write access to the socket's label. Okay, I'm starting to understand, I suppose. -- Best Regards, Patrick Ohly The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter. _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
