On Mon, 19.04.10 18:09, Jan Braun (janbraun at gmx.de) wrote:

> | /* Only enable SHM if both sides are owned by the same
> |  * user. This is a security measure because otherwise data
> |  * private to the user might leak. */
> |
> | const pa_creds *creds;
> | if (!(creds = pa_pdispatch_creds(pd)) || getuid() != creds->uid)
> |     do_shm = FALSE;
>
> ...and you're explicitly disallowing cross-user shm transfer. :(
> I guess I'll have to figure out the security implications of messing
> with that.

Well, the story goes like this: we need to make sure that a user A
cannot trigger a SIGBUS in processes by user B simply by ftruncating
an shm region A controls and B maps and accesses. Since handling
SIGBUS from a library context is ugly to impossible we hence generally
don't allow shm data transfer between users.

Lennart

-- 
Lennart Poettering                        Red Hat, Inc.
lennart [at] poettering [dot] net
http://0pointer.net/lennart/           GnuPG 0x1A015CC4
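
The failure mode described in the message above, as an added example that is not part of the original mail or of PulseAudio's code: a process that maps a file-backed shared region is killed by SIGBUS once the holder of the descriptor shrinks the file. The function name `mapper_fate`, the temp-file path and the two-pipe handshake are assumptions made for this demonstration; both roles run under one user in a single program.

```c
/* Added example (constructed): the parent plays the region's owner, the
 * forked child plays the process that maps and reads the region. */
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns the signal that terminated the mapper, 0 if it exited normally,
 * or -1 on setup failure. If shrink is nonzero, the owner truncates the
 * file to zero length after the mapper has established its mapping. */
int mapper_fate(int shrink) {
    char path[] = "/tmp/shm-demo-XXXXXX";   /* hypothetical scratch file */
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    unlink(path);
    long page = sysconf(_SC_PAGESIZE);
    int go[2], ready[2];
    if (ftruncate(fd, page) < 0 || pipe(go) < 0 || pipe(ready) < 0) return -1;

    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                                  /* mapper */
        char c = 0;
        volatile char *p = mmap(NULL, page, PROT_READ, MAP_SHARED, fd, 0);
        if (p == MAP_FAILED) _exit(2);
        if (write(ready[1], &c, 1) != 1) _exit(2);   /* mapping is in place */
        if (read(go[0], &c, 1) != 1) _exit(2);       /* wait for the owner */
        c = p[0];              /* page now lies past EOF: kernel raises SIGBUS */
        _exit(0);
    }
    char c = 0;
    int status = 0;
    if (read(ready[0], &c, 1) != 1) return -1;
    if (shrink && ftruncate(fd, 0) < 0) return -1;   /* owner shrinks region */
    if (write(go[1], &c, 1) != 1) return -1;
    if (waitpid(pid, &status, 0) < 0) return -1;
    close(fd); close(go[0]); close(go[1]); close(ready[0]); close(ready[1]);
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void) {
    printf("no shrink: %d, shrink: %d (SIGBUS=%d)\n",
           mapper_fate(0), mapper_fate(1), SIGBUS);
    return 0;
}
```

The mapper cannot defend itself with a length check before the read, because the truncation can happen between the check and the access; that is why the quoted code refuses SHM unless both ends run as the same uid.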