Quoting Eric W. Biederman (ebiederm@xxxxxxxxxxxx):
> "Serge E. Hallyn" <serue@xxxxxxxxxx> writes:
>
> > Ignoring namespaces for a moment, I guess we could do something like
> >
> > struct credentials_pass {
> > pid_t global_pid;
> > unsigned long unique_id;
> > uid_t new_uid;
> > gid_t new_gid;
> > int num_aux_gids;
> > gid_t aux_gids[];
> > }
>
> This looks surprising like what I am doing in passing uids and pids
> through unix domain sockets.
>
> So if this looks like a direction we want to go it shouldn't be too
> difficult.
>
> >> That also btw needs fixing for other reasons - more than one daemon has
> >> been written that generically uses recvmsg and so can be attacked with FD
> >> leaks >-)
> >
> > Yup.
> >
> > (By 'needs fixing' you just mean needs to be done right for this
> > service? Else I think I'm missing something...)
>
> Remember my unix domain socket and the patch for converting struct cred
> into a new context, from a month or so ago. I think that is what we
> are talking about.
Zoinks! After some digging I found it in my containers.mbox and at
https://lists.linux-foundation.org/pipermail/containers/2010-March/023405.html
and see you even called me out. Sorry! I see your tree at
http://git.kernel.org/gitweb.cgi?p=linux/kernel/git/ebiederm/linux-2.6.33-nsfd-v5.git;a=summary
and commit "af_unix: Allow SO_PEERCRED to work across namespaces", and
it all looks good. Definately useful for a SO_PASSCRED or somesuch
implementation.
thanks,
-serge
--
To unsubscribe from this list: send the line "unsubscribe linux-api" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
