This is the mail archive of the
cygwin-patches@cygwin.com
mailing list for the Cygwin project.
Re: improving security of AF_UNIX sockets
Hi!
Friday, 06 April, 2001 Christopher Faylor cgf@redhat.com wrote:
CF> On Wed, Apr 04, 2001 at 10:02:50PM +0400, egor duda wrote:
>>This patch prevents local users from connecting to cygwin-emulated
>>AF_UNIX socket if this user have no read rights on socket's file. it's
>>done by adding 128-bit random secret cookie to !<socket>port string in
>>file. later, each processes which is negotiating connection via
>>connect() or accept() must signal its peer that it knows this secret
>>cookie.
CF> This looks good. It seems like this would not be backwards compatible
CF> though, right?
CF> I don't know if this is an issue or not.
it won't be an issue because contents of AF_UNIX sockets are not
"persistent", they are being created anew on every bind(). in
this sense they're unlike symlinks -- we don't care about what was
written to the socket file before.
the only possible incompatibility can appear if some application is
reading an interpreting socket file contents directly, bypassing
normal cygwin mechanism. i've never heard of such applications, and
even if they exist, they're certainly fundamentally wrong.
Egor. mailto:deo@logos-m.ru ICQ 5165414 FidoNet 2:5020/496.19