bindat(2) and connectat(2) syscalls for review.

Jilles Tjoelker jilles at stack.nl
Thu Feb 14 18:55:51 UTC 2013


On Thu, Feb 14, 2013 at 12:40:31AM +0100, Pawel Jakub Dawidek wrote:
> On Thu, Feb 14, 2013 at 01:20:04AM +0200, Konstantin Belousov wrote:
> > On Thu, Feb 14, 2013 at 12:03:54AM +0100, Pawel Jakub Dawidek wrote:

> > > 	http://people.freebsd.org/~pjd/patches/bindconnectat.patch

> > > It implements bindat(2) and connectat(2) syscalls that will allow managing
> > > UNIX domain sockets from within a capability mode sandbox.

> > > They work just like any other *at(2) syscall and their prototypes look
> > > like this:

> > > 	int bindat(int fd, int s, const struct sockaddr *addr, socklen_t addrlen);
> > > 	int connectat(int fd, int s, const struct sockaddr *addr, socklen_t addrlen);

> > > Where 'fd' is a directory descriptor. The only supported socket domain is
> > > PF_LOCAL.

> > > The audit subsystem was updated to audit the new syscalls properly.

> > > Comments and reviews are welcome.

> > Looking only at prototypes, I think it is useful to add at least the flags
> > argument.  The first application of it is for an O_CLOEXEC-like flag.

> And this flag should be applied to?

> Note that those syscalls don't create new descriptors, they operate on
> existing descriptors (directory descriptor and socket descriptor) that
> should eventually have close-on-exec flag set if required.

A flag parameter is a good thing; you may not know yet what you will
need it for.

Looking through some of the other *at calls, AT_SYMLINK_NOFOLLOW might
be interesting.

-- 
Jilles Tjoelker

