When it accepts a connection, ipcserver uses the effective user ID and effective group ID of the process that called connect to decide whether to handle the connection or drop it immediately. Therefore ucspi-ipc requires operating system support for passing the client credentials to the server. For discussions of various credential-passing mechanisms, see D.J. Bernstein’s "Secure interprocess communication" and the BugTraq mailing list thread stemming from "Wiping out setuid programs".
ucspi-ipc uses getpeereid to obtain client credentials. Unless your operating system supports an implementation of getpeereid, you cannot use ucspi-ipc.
s is the result of a successful accept on a local-domain stream socket.
u and g are pointers to addresses where the user and group IDs are stored.
Upon success, getpeereid stores user and group IDs at u and g, respectively, and returns 0. If an error occurs, getpeereid sets errno appropriately, and returns -1.
Recent Linux kernels that support SO_PEERCRED with getsockopt provide sufficient basis for a getpeereid function. Various systems offer a getpeereid system call, including OpenBSD 3.0, FreeBSD 4.6, and AIX 5L.
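As an added illustration (not code from ucspi-ipc), a getpeereid work-alike can be built on Linux SO_PEERCRED as follows. The function name peercred_getpeereid is hypothetical, and the check that rejects an ID of -1 is an assumption about how a server should fail closed when the kernel has no credentials for the socket.

```c
#define _GNU_SOURCE             /* exposes struct ucred in <sys/socket.h> on glibc */
#include <errno.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical name. Same contract as getpeereid described above:
 * returns 0 and stores the peer's IDs at u and g, or returns -1 with errno set. */
int peercred_getpeereid(int s, uid_t *u, gid_t *g)
{
    struct ucred cred;
    socklen_t len = sizeof cred;

    if (getsockopt(s, SOL_SOCKET, SO_PEERCRED, &cred, &len) == -1)
        return -1;                          /* errno already set by getsockopt */
    if (len != sizeof cred) {               /* unexpected size: do not trust it */
        errno = EINVAL;
        return -1;
    }
    /* Linux fills in -1 when the socket carries no peer credentials.
     * Treat that as an error so the caller never authorizes on a bogus ID. */
    if (cred.uid == (uid_t)-1 || cred.gid == (gid_t)-1) {
        errno = ENOTCONN;
        return -1;
    }
    *u = cred.uid;
    *g = cred.gid;
    return 0;
}

int main(void)
{
    int sv[2];
    uid_t u;
    gid_t g;

    /* Constructed test input: a connected pair of local-domain stream sockets
     * stands in for the descriptor a server would get back from accept. */
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) == -1) {
        perror("socketpair");
        return 111;
    }
    if (peercred_getpeereid(sv[0], &u, &g) == -1) {
        perror("peercred_getpeereid");      /* a server would drop the connection here */
        return 111;
    }
    printf("peer euid=%lu egid=%lu\n", (unsigned long)u, (unsigned long)g);
    close(sv[0]);
    close(sv[1]);
    return 0;
}
```

The IDs SO_PEERCRED reports are those captured when the peer called connect (or socketpair), which matches the decision point described for ipcserver.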
Experimental operating system patches that add a getpeereid system call are available for several BSD variants.
Copyright © 2009 by SuperScript Technology, Inc. All rights reserved.