At Thu, 24 Oct 2013 15:38:11 +0200,
Svante Signell wrote:
> > Well, the question is quite simple: what happens when the sender
> > provides faked ports, e.g. pointing to other proc/auth servers? That's
> > where having to explain how the patch is working would possibly even
> > work out the security issues.
>
> How could it point to other proc/auth servers? The receiver is using the
> ports of the same proc server. Are you considering more than one
> instance running? This is communication on a local socket, and the
> socket read/write mode is controlling the access to it. In the
> implementation only the same user and root could send. For other users
> the socket permission has to be changed from srw-r--r-- to srw-r--rw-
> Tested by sending as another user.

There is not a check of who opened the socket, but the sender. These may be different.

Neal