* William E. Baxter <[EMAIL PROTECTED]> [000808 09:27] wrote:
> A patch implementing a getpeereid() syscall in FreeBSD 4.0 is
> available at
>
> http://www.superscript.com/patches/freebsd_4_0.getpeereid
>
> A local-domain server uses getpeereid() to obtain client credentials.
> Based on getpeereid() I created ucspi-ipc, a local-domain analogue to
> Dan Bernstein's ucspi-tcp. The project came about after I read the
> "Wiping out setuid programs" discussion the the BugTraq archives. At
> present, ucspi-ipc runs on patched OpenBSD, patched FreeBSD, and on
> Linux kernels that support SO_PEERCRED with getsockopt().
I haven't used the credential passing feature of sendmsg(), but I
was wondering what advantages this has over being able to pass
kernel verified id's through a unix domain socket using SCM_CREDS.
My reading of UNP seems to indicate that it offers the same features.
--
-Alfred Perlstein - [[EMAIL PROTECTED]|[EMAIL PROTECTED]]
"I have the heart of a child; I keep it in a jar on my desk."
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
