On Sun, Jul 09, 2017 at 02:07:06PM +, Johannes Lundberg wrote:
> That code gets the child's pid from the fork command. That's is not
> available in my case (Wayland client connects to Wayland server via unix
> socket).
> I can understand the security issue.. hmm will dig further tomorrow..
On Sun, Jul 09, 2017 at 05:43:22PM +0100, David Chisnall wrote:
> On 9 Jul 2017, at 14:25, Stefan Ehmann wrote:
> > Don't why the structs are not compatible, maybe because:
> > "The process ID cmcred_pid should not be looked up (such as via the
> > KERN_PROC_PID sysctl) for
On 9 Jul 2017, at 14:25, Stefan Ehmann wrote:
>
> Don't why the structs are not compatible, maybe because:
> "The process ID cmcred_pid should not be looked up (such as via the
> KERN_PROC_PID sysctl) for making security decisions. The sending process
> could have exited and
That code gets the child's pid from the fork command. That's is not
available in my case (Wayland client connects to Wayland server via unix
socket).
I can understand the security issue.. hmm will dig further tomorrow..
Thanks for the info!
On Sun, 9 Jul 2017 at 15:26, Stefan Ehmann
On 09.07.2017 11:52, Johannes Lundberg wrote:
Hi
Yeah I forgot to mention the LOCAL_CREDS.
It does not return the PID of the client process but i guess it could be
expanded to include that instead of adding another option for that.
I was only skimming the man page. Didn't see that cmsgcred
Hi
Yeah I forgot to mention the LOCAL_CREDS.
It does not return the PID of the client process but i guess it could be
expanded to include that instead of adding another option for that.
On Sun, Jul 9, 2017 at 11:47 AM, Stefan Ehmann wrote:
> On 09.07.2017 10:03, Johannes
On 09.07.2017 10:03, Johannes Lundberg wrote:
Hi
Without altering the client code (i.e. adding sendmsg(credentials)), is
there anyway of getting the client PID (or path to binary) using the file
descriptor returned by accept() on the server side?
Similar to Linux's getsockopt with SO_PEERCRED
follow-up
Seems like at least OpenBSD implemented SO_PEERCRED which returns a struct
sockpeercred.
/* Read using getsockopt() with SOL_SOCKET, SO_PEERCRED */
struct sockpeercred {
uid_t uid; /* effective user id */
gid_t gid; /* effective group id */
pid_t pid;
};
If not anyone is oppose to
Hi
Without altering the client code (i.e. adding sendmsg(credentials)), is
there anyway of getting the client PID (or path to binary) using the file
descriptor returned by accept() on the server side?
Similar to Linux's getsockopt with SO_PEERCRED option.
Thanks!