Re: [PATCH] proc: Add complete process group list

From: Mike McCormack
Date: Wed Jun 23 2010 - 11:00:36 EST

Next message: Steven Rostedt: "Re: [PATCH 01/40] ftrace syscalls: don't add events for unmappedsyscalls"
Previous message: John W. Linville: "Re: linux-next: build failure after merge of the wireless tree"
In reply to: Andrew Morton: "Re: [PATCH] proc: Add complete process group list"
Next in thread: KOSAKI Motohiro: "Re: [PATCH] proc: Add complete process group list"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andrew Morton wrote:

>> This feature might be useful for a server listening on a unix domain pipe
>> to determine the list of groups that a client process is in from its pid.
>
> "might be"?

Well, "would be" :-)

> It would be useful to hear a bit more about usage scenarios, why this
> is needed, etc - some hard info which would justify permanent extension
> of the kernel->userspace API. How does this get used, why is it
> needed, what are the alternatives, etc.

This will be used in a device with groups permissions checked in userspace.

Say you have a process called "telephony-server", and it talks to a number
of client processes with different privilege levels via a unix domain socket.

telephony-server might be able do things which should have different privilege
levels, like send SMS messages, make phone calls, download firmware to a 3G
modem, etc. The client processes would be members of groups reflecting
each privilege. Depending on the number of similar servers in the system,
and how fine-grained the privileges are, there might be lots of groups (>32).

telephony-server should be able to allow or deny requests depending on whether
an application is a member of the correct group or not.

unix sockets can pass credentials, but currently I can only see struct ucred
(pid, uid and gid) being passed. Using the pid, /proc/pid/status can be read
for a list of groups, but it only lists up to 32 groups.

Ways I can see to get the groups for a unix socket peer from it's pid all
mostly require some kernel modification:

* modify kernel to list all groups in /proc/<pid>/status
- very long lines become possible in status file
- no way to know whether you're using an old kernel with 32 group limit
or new kernel and pid only has 32 groups

* modify kernel to add /proc/<pid>/groups
- more kernel-userland interface

* implement LOCAL_CREDS for unix domain sockets in Linux
- work

* limit number of groups to 32
- limit is imposed by /proc code

* create multiple unix domian sockets per privilege with group r/w only
- seems like trouble

What do you think?

thanks,

Mike

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Steven Rostedt: "Re: [PATCH 01/40] ftrace syscalls: don't add events for unmappedsyscalls"
Previous message: John W. Linville: "Re: linux-next: build failure after merge of the wireless tree"
In reply to: Andrew Morton: "Re: [PATCH] proc: Add complete process group list"
Next in thread: KOSAKI Motohiro: "Re: [PATCH] proc: Add complete process group list"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]