[8793] in bugtraq
Re: Why you should avoid world-writable directories
daemon@ATHENA.MIT.EDU (Casper Dik)
Wed Dec 23 16:31:31 1998
Date: Wed, 23 Dec 1998 10:16:40 +0100
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Casper Dik <casper@HOLLAND.SUN.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Tue, 22 Dec 1998 13:22:35 GMT."
<m0zsRlk-0007U1C@the-village.bc.nu>
>getpeeruid() has a problem since multiple processes may write to one
>datagram socket, also processes can change uid and file handles can be
>passed around.
>
>Both recent *BSD and Linux 2.1.x have per message authentication data
>for AF_UNIX sockets that is available as a control message (ie you can
>get it via recvmsg()).
Also, on systems that have STREAMs based loopback transports, support
exists to get the other ends credentials in a similar manner.
This is used for authentication on Solaris 2.x loopback rpc
(rpcbind, vold, autofsd, keyserv)
Casper