lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 11 Aug 2012 10:23:22 +0400 From: Pavel Emelyanov <xemul@...allels.com> To: "H. Peter Anvin" <hpa@...or.com>, Alan Cox <alan@...rguk.ukuu.org.uk>, Stanislav Kinsbursky <skinsbursky@...allels.com> CC: "J. Bruce Fields" <bfields@...ldses.org>, "Trond.Myklebust@...app.com" <Trond.Myklebust@...app.com>, "davem@...emloft.net" <davem@...emloft.net>, "linux-nfs@...r.kernel.org" <linux-nfs@...r.kernel.org>, "eric.dumazet@...il.com" <eric.dumazet@...il.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "viro@...iv.linux.org.uk" <viro@...iv.linux.org.uk>, "tim.c.chen@...ux.intel.com" <tim.c.chen@...ux.intel.com>, "devel@...nvz.org" <devel@...nvz.org> Subject: Re: [RFC PATCH 0/2] net: connect to UNIX sockets from specified root On 08/11/2012 03:09 AM, H. Peter Anvin wrote: > On 08/10/2012 12:28 PM, Alan Cox wrote: >> Explicitly for Linux yes - this is not generally true of the AF_UNIX >> socket domain and even the permissions aspect isn't guaranteed to be >> supported on some BSD environments ! > > Yes, but let's worry about what the Linux behavior should be. > >> The name is however just a proxy for the socket itself. You don't even >> get a device node in the usual sense or the same inode in the file system >> space. > > > No, but it is looked up the same way any other inode is (the difference > between FIFOs and sockets is that sockets have separate connections, > which is also why open() on sockets would be nice.) > > However, there is a fundamental difference between AF_UNIX sockets and > open(), and that is how the pathname is delivered. It thus would make > more sense to provide the openat()-like information in struct > sockaddr_un, but that may be very hard to do in a sensible way. In that > sense it perhaps would be cleaner to be able to do an open[at]() on the > socket node with O_PATH (perhaps there should be an O_SOCKET option, > even?) and pass the resulting file descriptor to bind() or connect(). I vote for this (openat + O_WHATEVER on a unix socket) as well. It will help us in checkpoint-restore, making handling of overmounted/unlinked sockets much cleaner. > -hpa Thanks, Pavel -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists