site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com Good day, Gentlemen (Sorry I accidentally pressed Send prev. time) Any ideas? Best regards (and sorry for double post), Platon Fomichev<pfomichev@elverils.com> _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... I have a rather interesting but imho trivial task to accomplish, yet I can't find the solution. I have a daemon running as root that listens to user's request using Unix domain sockets. That daemon will receive requests from local client application belonging to different users (i.e. multi-user config). It is possible that hacker software will try to emulate the requests so I absolutely can't rely on any protocol - I need a clear answer from the system who's knocking on the daemon door (listening socket). On Windows I use RPC and impersonation and although I am not a Window guy - I might say this works pretty well. On Linux I use credential passing through socket using sendmsg/recvmsg (which is unfortunately not supported by OS X : ((( ). So what can I do in OS X - I looked at all possible levels, starting from Kernel and ending with Cocoa and I can't find any suitable mechanism that can help my daemon. A possible but cumbersome solution is System V shared memory as it holds uid of connected user.. This email sent to site_archiver@lists.apple.com