![]() | :: | Software | :: | ucspi-ipc |
When it accepts a connection, ipcserver uses the effective user ID and effective group ID of the process that called connect to decide whether to handle the connection or drop it immediately. Therefore ucspi-ipc requires operating system support for passing the client credentials to the server. For discussions of various credential-passing mechanisms, see D.J. Bernstein's Secure interprocess communication and the BugTraq mailing list thread stemming from Wiping out setuid programs.
ucspi-ipc uses getpeereid to obtain client credentials. Unless your operating system supports an implementation of getpeereid, you cannot use ucspi-ipc.
int getpeereid(int s,uid_t *u,gid_t *g);
s is the result of a successful accept on a local-domain stream socket.
u and g are pointers to addresses where the user and group IDs are stored.
Upon success, getpeereid stores user and group IDs at u and g, respectively, and returns 0. If an error occurs, getpeereid sets errno appropriately, and returns -1.
Experimental operating system patches that add a getpeereid system call are available for several BSD variants.