Re: [chrony-dev] [PATCH] Privilege Separation - Version 2

Re: [chrony-dev] [PATCH] Privilege Separation - Version 2 - Add helper process

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-dev Archives ]

To: chrony-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [chrony-dev] [PATCH] Privilege Separation - Version 2 - Add helper process
From: Bryan Christianson <bryan@xxxxxxxxxxxxx>
Date: Thu, 19 Nov 2015 14:55:30 +1300
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=smtpcorp.com; s=a0-2; h=Feedback-ID:X-Smtpcorp-Track:To:Message-Id:Date: From:Subject; bh=bPmSGgGY6F6Ax8CuXrin3n3HRaz90yWoYULKXF4eNAI=; b=T65YkkjStKoA Aasd2KmGVdiAtRSIJ56lk3h0tnevTWLhUICZjFxqFrbnXfOVIlnPD83+GusF2qdymZtGpQXbf21oZ 5wdRFt4pFePHwq4ZqmDXihOczI476aapL+hqR/DM4PHqtLSfos7567yT3g/xKhnngFQlHpUHQBn5o 3AVp41LSbXC2LHeYNF99RyH/S6e06sTtBglqRwhkJ00OjTqVeQnaSJ5eNTOavsNlPCL7r8b/v/A0u ys/1VyRLY8CUVEn5K9nFjv1IL5iUyew0ctC3fFvzgBOIRD8qDiymhG6jIbZHgQVQQheiRX8rAWYPX YaXTdCcQxct2V2ZfUqMtcA==;
Feedback-id: 149811m:149811acx33YQ:149811sbT_GL6RbK:SMTPCORP

> On 19/11/2015, at 5:47 AM, Miroslav Lichvar <mlichvar@xxxxxxxxxx> wrote:
> 
> On Mon, Nov 16, 2015 at 01:42:27PM +1300, Bryan Christianson wrote:
>> 
> 
>>> +static int
>>> +receive_with_fd(int fd, void *data, int data_size, int *fd_recvd)
> 
> Here it would be a pointer to a cmsg buffer.
> 
>>> +  /* extract transferred descriptor (if any) */
>>> +  for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
>>> +    if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS)
>>> +      memcpy(fd_recvd, CMSG_DATA(cmsg), sizeof(int));
>>> +  }
> 
> This would be in do_bindsocket().

You suggest passing struct cmsghdr * as an argument to the receive_xxx() function, but extraction of the message depends on a pointer to the msghdr which is currently local to the receive_xxx() function. If we assume there is only a single result then its not really a problem, but that doesn't feel right to me

Bryan Christianson
--
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.

Follow-Ups:
- Re: [chrony-dev] [PATCH] Privilege Separation - Version 2 - Add helper process
  - From: Miroslav Lichvar

References:
- [chrony-dev] [PATCH] Privilege Separation - Version 2 - Add helper process
  - From: Bryan Christianson
- [chrony-dev] Re: [PATCH] Privilege Separation - Version 2 - Add helper process
  - From: Bryan Christianson
- Re: [chrony-dev] Re: [PATCH] Privilege Separation - Version 2 - Add helper process
  - From: Miroslav Lichvar

Messages sorted by: [ date | thread ]
Prev by Date: Re: [chrony-dev] [PATCH] Privilege Separation - Version 2 - Add helper process
Next by Date: [no subject]
Previous by thread: Re: [chrony-dev] [PATCH] Privilege Separation - Version 2 - Add helper process
Next by thread: Re: [chrony-dev] [PATCH] Privilege Separation - Version 2 - Add helper process

Mail converted by MHonArc 2.6.19+

http://listengine.tuxfamily.org/