> On 5 Jun 2025, at 5:12 PM, Jonathan Stone <kiwi_jonat...@yahoo.com> wrote:
>
> On Thursday, June 5, 2025 at 09:36:58 AM PDT, Emmanuel Nyarko <emmankoko...@gmail.com> wrote:
>
> > Errmmm, I was thinking that it maybe becomes a default behavior.
> >
> > I mean every socket should be owned by the process that the socket was
> > created for.
> [...]
> You say "should" be owned? Why? You're proposing a change at the SOL_SOCKET
> level, which means it will apply to Unix-domain sockets.
> What are the impacts of changing the owner of that socket to the uid of
> forked process, instead of the uid of the creator (presumably root)?

User based server security with NPF. Similar to a DenyUser or Match allowUser in sshd_config. If you want to filter (block/pass) certain packets on sockets created by Unix servers, other user configs become “useless” since the socket is only root.

>
> Deploying the proposed change everywhere that runs -current, without testing
> and experience, seems... premature. It has security implications. So until
> that experience is gained, I suggest making the feature 'opt-in', both
> system-wide, and per socket -- that is, the original creator has to issue a
> setsockopt() to enable the feature when (at minimum) the global setting is
> "off".

I totally agree with you!!! That sounds better.

>
> But hey, it's not my say.

A scoffer seeks wisdom in vain, but knowledge is easy for a man of understanding.

Emmanuel