lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu, 21 Dec 2023 13:15:29 +0100
From: Alejandro Colomar <alx@...nel.org>
To: Kuniyuki Iwashima <kuniyu@...zon.com>,
	Alexey Tikhonov <atikhono@...hat.com>
Cc: libc-alpha@...rceware.org, linux-man@...r.kernel.org,
	netdev@...r.kernel.org
Subject: Re: [PATCH] unix.7: SO_PEERCRED: Mention listen(2)

Hi Kuniyuki, Alexey,

On Thu, Dec 21, 2023 at 10:49:11AM +0900, Kuniyuki Iwashima wrote:
> From: Alexey Tikhonov <atikhono@...hat.com>
> Date: Wed, 20 Dec 2023 18:28:34 +0100
> > In case of connected AF_UNIX stream sockets, server-side
> > credentials are set at the time of a call to listen(2),
> > not when client-side calls connect(2).
> > 
> > This is important if server side process changes UID/GID
> > after listen(2) and before connect(2).
> > 
> > Reproducer is available in https://bugzilla.redhat.com/show_bug.cgi?id=2247682
> > 
> > Behavior was confirmed in the email thread
> > https://lore.kernel.org/linux-man/CABPeg3a9L0142gmdZZ+0hoD+Q3Vgv0BQ21g8Z+gf2kznWouErA@mail.gmail.com/
> > 
> > Signed-off-by: Alexey Tikhonov <atikhono@...hat.com>
> 
> Reviewed-by: Kuniyuki Iwashima <kuniyu@...zon.com>
> 
> Thanks!

Thank you both for the patch and review!

Patch applied:
<https://www.alejandro-colomar.es/src/alx/linux/man-pages/man-pages.git/commit/?h=contrib&id=b34c2340657cfe467a0c2cde4933422bddf4348b>

Have a lovely day,
Alex

> > ---
> >  man7/unix.7 | 3 ++-
> >  1 file changed, 2 insertions(+), 1 deletion(-)
> > 
> > diff --git a/man7/unix.7 b/man7/unix.7
> > index e9edad467..71cdfc758 100644
> > --- a/man7/unix.7
> > +++ b/man7/unix.7
> > @@ -331,7 +331,8 @@ This read-only socket option returns the
> >  credentials of the peer process connected to this socket.
> >  The returned credentials are those that were in effect at the time
> >  of the call to
> > -.BR connect (2)
> > +.BR connect (2),
> > +.BR listen (2),
> >  or
> >  .BR socketpair (2).
> >  .IP
> > -- 
> > 2.41.0

-- 
<https://www.alejandro-colomar.es/>
Looking for a remote C programming job at the moment.

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ