Prakash Sangappa <prakash.sanga...@oracle.com> writes: > On 8/30/17 10:41 AM, ebied...@xmission.com wrote: >> Prakash Sangappa <prakash.sanga...@oracle.com> writes: >> >> >>> With regards to security, the question basically is what is the consequence >>> of passing the wrong id. As I understand it, Interpreting the id to be pid >>> or tid, the effective uid and gid will be the same. It would be a problem >>> only if the incorrect interpretation of the id would refer a different >>> process. >>> But that cannot happen as the the global tid(gettid() of a thread is >>> unique. >> There is also the issue that the receiving process could look, not see >> the pid in proc and assume the sending process is dead. That I suspect >> is the larger danger. >> > > Will this not be a bug in the application, if it is sending the wrong > id?
No. It could be deliberate and malicious. >>> As long as the thread is alive, that id cannot reference another process / >>> thread. >>> Unless the thread were to exit and the id gets recycled and got used for >>> another >>> thread or process. This would be no different from a process exiting and its >>> pid getting recycled which is the case now. >> Largely I agree. >> >> If all you want are pid translations I suspect the are far easier ways >> thant updating the SCM_CREDENTIALS code. > > What would be an another easier & efficient way of doing pid translation? > > Should a new API/mechanism be considered mainly for pid translation purpose > for use with pid namespaces, say based on 'pipe' something similar to > I_SENDFD? There are proc files that provide all of the pids of a process you can read those. Other possibilities exist if you want to go that fast. Eric
