Re: [chrony-dev] [PATCH] Privilege Separation - Version 2 - Add helper process

[Bryan Christianson <bryan@xxxxxxxxxxxxx>]

> On 19/11/2015, at 10:19 PM, Miroslav Lichvar <mlichvar@xxxxxxxxxx> wrote:
> 
> On Thu, Nov 19, 2015 at 02:55:30PM +1300, Bryan Christianson wrote:
>> You suggest passing struct cmsghdr * as an argument to the receive_xxx() function, but extraction of the message depends on a pointer to the msghdr which is currently local to the receive_xxx() function. If we assume there is only a single result then its not really a problem, but that doesn't feel right to me
> 
> Good point. That does complicate the things and I don't see a clean
> solution.
> 
> So, back to the previous approach having sock field in the request
> structure and transparently rewrite it? What I didn't like was that
> there was a special function to send data and a descriptor, which was
> used only in one case. I think I'd like it better if instead of having
> a special function with extra parameter the case was handled directly
> in the sending/receiving functions. Basically merge send_to_helper()
> with send_with_fd() and move the bind_sock.sock update to the
> receiving function.
> 
> Would that make sense?

I think it might be cleaner and more readable to keep send_with_fd() and receive_with_fd() and always call send_with_fd(), passing -1 if there is no socket to be transferred. i.e. no need for special case in send_to_helper(). 

If in the future we need to pass some other/additional control message then this could be handled by passing a struct in place of a descriptor to the send and receive functions, with appropriate renaming of functions

B



--
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.