unix domain socket security and PID retrieval

[Zane C.B.]

On Mon, 4 Feb 2008 15:36:30 +0100
"Heiko Wundram (Beenic)" <wundram at beenic.net> wrote:

> Am Montag, 4. Februar 2008 15:21:52 schrieb Zane C.B.:
> > I've come across that mentioned in unix(4). There is no support
> > for it in regards to Perl. Another problem is it requires support
> > for that on both ends.
> >
> > More and more it looks like getting either PID and/or user info
> > about the other process connecting up to it is impossible, with
> > out writing some sort of authentication system for the two to use
> > or both ends have to support the LOCAL_CREDS stuff.
> 
> I cannot believe that this doesn't exist for Perl (everything
> exists for Perl in one way or another...), and anyway, a quick
> search on CPAN found this, which looks as though it's (at least
> part of) what you're looking for:
> 
> http://search.cpan.org/~mjp/Socket-MsgHdr-0.01/MsgHdr.pm
> 
> Finally, thinking back to the last time I used SCM_CREDS on Linux
> (which is a loooong time ago), I'm not even sure that the sender
> has to send an SCM_CREDS message (which would invalidate my former
> reply); I think it's enough if the receiver requests to get one
> (which will be filled in by the kernel), see the description in the
> referenced page above which shows you how to set up the
> corresponding recvmsg call.
> 
> Sending one is only required in case the sender is root and wants
> to spoof it's credentials to the remote process (IIRC).

Thanks. I did not think to try a search for that. I was trying
various combinations involving the word unix and socket.

I've gotten it installed now and will post with how it works out.