Authenticating Unix Domain sockets.

Larry Wall lwall at jpl-devvax.JPL.NASA.GOV
Thu Jan 31 13:11:14 AEST 1991 

In article <1991Jan30.213227.19055 at shearson.com> viktor at shearson.com (Viktor Dukhovni) writes:
: lwall at jpl-devvax.JPL.NASA.GOV (Larry Wall) writes:
: 
: >In article <1991Jan29.063539.2169 at objy.com> peter at objy.com writes:
: >: What I would like is a guaranteed way of finding out the uid of a process
: >: that just connected to me using local (same machine) IPC.
: 
: >What do you mean by "the" uid?  Given that the other end of a socket may
: >be open multiple times by multiple processes, there's no guarantee of
: >uniqueness.
: 
: 	Actually this is wrong!  With a SOCK_STREAM socket,  
: or using the "fromaddr" argument of recvfrom() the peer address
: can be examined using getpeername or directly respectively.
: 
: 	Since UNIX sockets must be bound explicitly,  and must not
: exit prior to creation,  the effecttive user id of the remote process
: is the same as the owner of the the remote socket in the file space.

Oh, come now.  This is comp.unix.wizards.  Surely you've heard of fork()
and setuid().  I can easily make your socket hooked to 10 processes, not
one of which has the uid of the socket in the file space.  One of the
first tricks in the book is to fork the client so that you have separate
processes reading and writing the socket.

And we're ignoring totally the possibility that the file you are stat()ing
may not be the file you thought you were stat()ing.  At a miminum, change
your code to use fstat().

On top of which, the file is owned by the process that creates it, which is
going to be the server, not the client.  No good for finding out who just
connected to you.

: 	Just 
: 	
: 	struct sockaddr_un fromaddr;
: 	int len=sizeof(fromaddr);
: 	uid_t uid;
: 
: 	bzero(fromaddr,len);
: 
: 	geetpeername(s,(struct sockaddr *)&fromaddr,&len);
: 	if ( ((struct sockaddr *)&fromaddr)->sa_family != AF_UNIX ) {
: 		/* Bitch about impossible connection */
: 		exit(1);
: 	}
: 
: 	stat( fromaddr.sun_path, &st );
: 	uid = st.st_uid;
: 
: 	...
: 
: Works for me.  Your mileage may vary.

It certainly does.

Larry

More information about the Comp.unix.wizards mailing list