This is the mail archive of the
glibc-linux@ricardo.ecn.wfu.edu
mailing list for the glibc project.
Re: suggestions for glibc
- To: Pablo Saratxaga <pablo at mandrakesoft dot com>
- Subject: Re: suggestions for glibc
- From: Andreas Jaeger <aj at suse dot de>
- Date: 25 Oct 1999 20:55:21 +0200
- Cc: glibc-linux at ricardo dot ecn dot wfu dot edu
- References: <19991025185511.B18651@chanae.alphanet.ch>
- Reply-To: glibc-linux at ricardo dot ecn dot wfu dot edu
>>>>> Pablo Saratxaga writes:
> Kaixo!
> We have had a thread here on the problem of syslogd (it allows anyone
> that can run a program to write arbitrary messages trough it).
> And I think the only real solution to it would be to have a low level
> function (OS system call or libc function) that receives as argument
> a string and returns to a given process that string but also info on the
> calling process (pid,uid,gid,...) so a modified syslogd-like using such
> a function can have a trusty information on who sent the log line and
> accept or not to proceed it.
> Do you think it is worthwile ? (Or maybe there is already some way for a
> process A to receive messages from other processes and at the same time
> have trusty information on who is sending them ?)
Linux 2.2 has SO_PEERCRED, which is what you need. An example of its
usage is nscd in 2.1.2.
Andreas
--
Andreas Jaeger
SuSE Labs aj@suse.de
private aj@arthur.rhein-neckar.de