User credentials on a unix datagram socket

All of lore.kernel.org
 help / color / mirror / Atom feed

From: John Kelly <jak@isp2dial.com>
To: linux-kernel@vger.kernel.org
Subject: User credentials on a unix datagram socket
Date: Sun, 05 Oct 2008 21:41:22 +0000	[thread overview]
Message-ID: <200810052141.m95LfL2c027165@isp2dial.com> (raw)

The socket(7) man page seems to imply that user credentials cannot be
sent on a unix datagram socket, unless socketpair() created it.

> SO_PEERCRED
>   Return the credentials of the foreign process connected to this socket.
>   This is only possible for connected AF_UNIX stream sockets and AF_UNIX
>   stream and datagram socket pairs created using socketpair(2);

But through trial and error, without reading any kernel source, I
learned that you can send user credentials on a regular unix datagram
socket which was not created with socketpair().

I'm unsure what SO_PEERCRED is intended for; I used SO_PASSCRED in my
server code, and it works.  I'm glad it does.  Stream sockets would
require a file descriptor for each client.  Ugh.  What I want to do is
so much simpler with datagram sockets.

I have sample code at ftp://ftp.isp2dial.com/users/jak/src/test/uxdg/

I hope someone will revise the man page and explain that you can pass
user credentials on a unix datagram socket, even one not created with
socketpair().

This is a very useful feature.  Please keep it in the kernel!

-- 
Webmail for Dialup Users
http://www.isp2dial.com/freeaccounts.html

next             reply	other threads:[~2008-10-05 22:01 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-10-05 21:41 John Kelly [this message]
2008-10-07  0:04 ` User credentials on a unix datagram socket John Kelly

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=200810052141.m95LfL2c027165@isp2dial.com \
    --to=jak@isp2dial.com \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.