Re: Getting PID of a unix domain socket client
Re: Getting PID of a unix domain socket client
- Subject: Re: Getting PID of a unix domain socket client
- From: "mm w" <email@hidden>
- Date: Thu, 29 Nov 2007 09:39:30 -0800
Hi, there is no facilities like getpeerucred on solaris,
in fact it depends on what you want to do with the pid information,
if it's to check, you can compare the effective and real id
if it's to kill, you can create your own socket container(struct, for
an example like ucred),
obtain a process (fork), fill your container(struct)
-mmw
On Nov 29, 2007 5:14 AM, Murali J <email@hidden> wrote:
> Hi all,
> Thanks for your responses. I have tried getsockopt in linux
> and succeeded.
> But in MAC OS I had to try getpeereid() or getsockopt() with socket level as
> SOL_SOCKET and LOCAL_PEERCRED which returned only euid and egid.
>
> I too thought to send the pid from the other end but as
> Lambert said its not safe.
> Since security is also my concern here. I ignored that also. I had tried to
> use kernel level APIs defined in sys/kauth.h. That also will give only gid
> and uid and etc.
>
> Since Linux has this option to know the pid from the socket
> descriptor, I want to know is there any other options in MAC to do the
> same.Till now I din't find any way to do that.
>
> Anyway thanks for ur responses.
>
> Best Regards,
> Murali J.
>
>
>
>
>
>
> On 11/28/07, mm w <email@hidden> wrote:
> > Hi, i ve suggested to Murali to use getpeereid : euid, egid
> > the effective UID and GID can be used to verify the privileges
> > but maybe incomplete, especially for the fs checks.
> >
> > -mmw
> >
> > On Nov 28, 2007 8:36 AM, Terry Lambert <email@hidden> wrote:
> > > On Nov 27, 2007, at 9:38 PM, Murali J < email@hidden> wrote:
> > > > Hi all,
> > > > I am writing a simple client server program using Unix
> > > > domain sockets.
> > > > Client sends some 10 bytes to the server and the server responses
> > > > with another 10 bytes.
> > > >
> > > > Is there any way I can get the PID of the client which sends
> > > > the request to the server?!?
> > > >
> > > > In linux, I am able to do this by using getsockopt(). But in
> > > > MAC OS X, I am able to get only GID and UID of the client. I am
> > > > running Darwin Kernal 8.6.0.
> > >
> > > Were you intending to use the PID as a simple client identifier, or
> > > were you intending to make security inferences based on it?
> > >
> > > If as an identifier, you could just send the information in-band as
> > > the first thing in the data stream.
> > >
> > > If you were intending to make security decisions, that's probaly not
> > > useful, since you can't trust the other end to be who they say they
> > > are, based on the PID: it's not a security identifier.
> > >
> > > -- Terry
> > >
> > > _______________________________________________
> > > Do not post admin requests to the list. They will be ignored.
> > > Darwin-kernel mailing list (email@hidden)
> > > Help/Unsubscribe/Update your Subscription:
> > >
> > >
> > > This email sent to email@hidden
> > >
> >
> >
> >
> > --
> > echo zapydapntpd.rxltw@nzx | tr a-z@. p-za-o.@
> >
>
>
--
echo zapydapntpd.rxltw@nzx | tr a-z@. p-za-o.@
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden