Thor Lancelot Simon <t...@panix.com> writes:

> On Fri, Jun 06, 2025 at 07:33:37AM +0000, Emmanuel Nyarko wrote:
>>
>> > On 5 Jun 2025, at 11:12 PM, Thor Lancelot Simon <t...@panix.com> wrote:
>> >
>> > What will happen when a socket changes hands by file descriptor passing
>> > over a Unix domain socket?
>>
>> But the reason I want to add this support is for NPF to be able
>> to give user-based security to Unix servers in the network layer, like
>> being able to allow or deny certain users on a server from giving
>> out resources. So maybe for now, even if I'm doing it as opt-in, I
>> can still exempt UDS from it, because I don't think it will add
>> anything to Unix Domain Sockets.
>
> I don't think you understand. I can accept a TCP connection on an AF_INET
> socket, then take the resulting file descriptor and transfer it to a
> completely unrelated process using a control message on an AF_UNIX socket.
> That process can be owned by a different user. What do you intend to happen
> to the AF_INET socket that is passed in this way?
A fair question, but in the current code, what does it mean for an AF_INET socket to have an owner? It may be that the firewall rules should be based on the process's uid/gid, and that the concept of sockets having owners is just a red herring.
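To make the descriptor-passing step in the quoted exchange concrete, here is an added C example (my own illustration, not code from this thread, from NPF or from NetBSD): it binds an AF_INET socket, hands it across an AF_UNIX socketpair with an SCM_RIGHTS control message, and confirms that the receiver holds the very same socket under a new descriptor number. It runs inside one process for brevity; across a process boundary, where the receiver may run as a different uid, the kernel behaves identically, which is exactly why "which user owns this socket" has no fixed answer.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <netinet/in.h>
#include <unistd.h>
/* Pass one descriptor over a connected AF_UNIX socket via SCM_RIGHTS. Returns 0 or -1. */
int send_fd(int unix_sock, int fd_to_pass)
{
    char byte = 'F';  /* one byte of ordinary data has to accompany the control message */
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    union { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; } u;
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1, .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    struct cmsghdr *cm = CMSG_FIRSTHDR(&msg);
    cm->cmsg_level = SOL_SOCKET; cm->cmsg_type = SCM_RIGHTS; cm->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(cm), &fd_to_pass, sizeof(int));
    return sendmsg(unix_sock, &msg, 0) == 1 ? 0 : -1;
}

/* Receive one passed descriptor; returns its number in this process, or -1. */
int recv_fd(int unix_sock)
{
    char byte;
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    union { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; } u;
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1, .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    if (recvmsg(unix_sock, &msg, 0) != 1) return -1;
    struct cmsghdr *cm = CMSG_FIRSTHDR(&msg);
    if (!cm || cm->cmsg_level != SOL_SOCKET || cm->cmsg_type != SCM_RIGHTS) return -1;
    int fd; memcpy(&fd, CMSG_DATA(cm), sizeof fd); return fd;
}

/* The scenario from the thread, run inside one process: bind a listening AF_INET socket,
 * hand it across a socketpair, and check that what arrives is the same socket (same bound
 * port) under a new descriptor number. Returns 1 when it matches, 0 or -1 otherwise. */
int passed_socket_is_same(void)
{
    int pair[2], tcp, got, same = 0;
    struct sockaddr_in a = { .sin_family = AF_INET }, b;     /* port 0: kernel picks one */
    socklen_t alen = sizeof a, blen = sizeof b;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) < 0) return -1;
    tcp = socket(AF_INET, SOCK_STREAM, 0);
    if (tcp < 0 || bind(tcp, (struct sockaddr *)&a, sizeof a) < 0 || listen(tcp, 1) < 0) return -1;
    if (getsockname(tcp, (struct sockaddr *)&a, &alen) < 0 || send_fd(pair[0], tcp) < 0) return -1;
    got = recv_fd(pair[1]);
    if (got >= 0 && getsockname(got, (struct sockaddr *)&b, &blen) == 0)
        same = got != tcp && b.sin_port == a.sin_port && a.sin_port != 0;
    close(pair[0]); close(pair[1]); close(tcp); if (got >= 0) close(got);
    return same;
}
```

The received descriptor carries no record of the process or user that originally called socket(2) or accept(2), so a rule keyed on the opener would have to be stored and enforced somewhere other than the socket itself.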