Andi Kleen <ak@suse.de> writes:
> Florian Weimer <Florian.Weimer@RUS.Uni-Stuttgart.DE> writes:
>
> > Would anyone like to give me a helping hand in implementing the
> > getpeereid() syscall for Linux? See the following page for the
> > documentation of the OpenBSD implementation:
>
> It is implemented for unix sockets (see unix(7))
Hmm, it is not documented in my local copy (?). getpeereid() is
different from the standard credential passing mechanism because it
does not require cooperation of the other end.
> For TCP it is rather useless because it would work only locally.
Obviously, we need it only locally. ;-) The interface is useful if you
are implementing poor man's VPN in user space.
> If you trust the localhost you're probably better off using the
> ident protocol for it.
This means running just another server, even with root privileges. :-(
-- Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE University of Stuttgart http://cert.uni-stuttgart.de/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898 - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Sep 07 2001 - 21:00:30 EST