[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: mach ports and the remote uid

Subject: Re: mach ports and the remote uid
From: Jim Magee <email@hidden>
Date: Thu, 7 Mar 2002 15:52:01 -0500

On Thursday, March 7, 2002, at 02:53 PM, Kevin Van Vechten wrote:

While receiving a message on a mach port from a remote process, is it possible to determine the effective user id of the sending process?

Yep. Each mach_msg() is tagged with the sending process' effective uid and main group id (group id will likely get replaced with real uid, if we can determine that would not break anyone - determination still underway). The tagging is optionally received in a message "trailer."

What I'm trying to accomplish is:

A server process listens for mach messages from many different processes [which the server has no prior knowledge of], and acts only upon trusted messages. Trusted means the message came from a process running as uid 0.

You will need to set the receive option for mach_msg() or mach_msg_server() that causes the security token to be included in the trailer (and also make sure you have enough space in the receive buffer for the additional data). Here is a mach_msg_server() invoking code snippet that does this:

ret = mach_msg_server(sectokentest_server,
1024,
arguments.server_port,
MACH_RCV_TRAILER_ELEMENTS(MACH_RCV_TRAILER_SENDER)|
MACH_RCV_TRAILER_TYPE(MACH_MSG_TRAILER_FORMAT_0));

MIG also has keywords for making certain parameters to servers have the client's security token, and/or makes an "out" parameter from the server contain the security token of whoever sent the reply message for an RPC. Until recently, the latter had a bug. When fixing that bug, I also added a symmetric "in/out" security token so that each side could check the identify of the other with only a single parameter (and with parameter symmetry on each side).

Here are the MIG examples:

/*
* The server gets the security token of the client as an "in".
*/
routine test_server(
server : mach_port_t;
ServerSecToken token : security_token_t);

/*
* The user gets the security token of the server as an "out".
*/
routine test_user(
server : mach_port_t;
UserSecToken token : security_token_t);

/*
* The server gets the security token of the client, and the
* client gets the security token of the server. The token
* appears to be a symmetric "in-out: parameter to the call,
* but is filled in my the Mach IPC system.
*/
routine test(
server : task_t;
SecToken token : security_token_t);

--Jim
_______________________________________________
darwin-development mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/darwin-development
Do not post admin requests to the list. They will be ignored.

References:
	>mach ports and the remote uid (From: Kevin Van Vechten <email@hidden>)

Prev by Date: Re: thread priorities; what is "Real time (multimedia)"
Next by Date: Re: darwin-development digest, Vol 3 #127 - 13 msgs
Previous by thread: mach ports and the remote uid
Next by thread: Kext to user space process communication
Index(es):
- Date
- Thread

Home