Re: improving security of AF_UNIX sockets

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: egor duda <cygwin-patches(at)cygwin(dot)com>
Cc: Jason Tishler <Jason(dot)Tishler(at)dothill(dot)com>, Pgsql-Ports <pgsql-ports(at)postgresql(dot)org>
Subject: Re: improving security of AF_UNIX sockets
Date: 2001-04-14 02:08:26
Message-ID: Pine.LNX.4.30.0104140350200.945-100000@peter.localdomain
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-ports

egor duda writes:

> PE> Actually, connections to Unix domain sockets are controlled by *write*
> PE> access to the socket file. Maybe Cygwin should change this.
>
> Hmm. Can you point to some references? What operations (socket(), bind(),
> connect(), accept()) will fail in case of
> 1) r-- access
> 2) -w- access
> 3) rw- access
> to socket file?

If there's no 'w' then connect() will fail with ECONNREFUSED on Linux 2.2.
(At least this is what PostgreSQL tells me, I didn't bother tracking it
down at the source level.) Note that the glibc documentation until
recently claimed that read permission was what mattered, but this was
never the case and has been removed after I pointed it out. (This tells
you how well known this actually is.) Unfortunately, now it doesn't say
anything about this.

FreeBSD 4.3's connect(2) man page documents EACCESS as the error code if
"Write access to the named socket is denied."

On Solaris 8, connect(3XNET) says

"The connect() function may fail if:

EACCES Search permission is denied for a component of the path
prefix; or write access to the named socket is denied."

On Irix 6.5, unix(7F) has

: Normal filesystem
: access-control mechanisms are also applied when referencing pathnames;
: e.g., the destination of a connect(2) or sendto(2) must be writable.

And last but not least, The Single UNIX ® Specification, Version 2
(a.k.a., Unix98):

"The connect() function may fail if:

[EACCES]
Search permission is denied for a component of the path
prefix; or write access to the named socket is denied."

(Hmm, somebody was copying here.)

--
Peter Eisentraut peter_e(at)gmx(dot)net http://yi.org/peter-e/

In response to

Responses

Browse pgsql-ports by date

  From Date Subject
Next Message Tom Lane 2001-04-14 03:17:00 Re: Re: improving security of AF_UNIX sockets
Previous Message Jason Tishler 2001-04-14 01:40:52 Re: FW: [GENERAL] Given: Win98, Cygwin, postgresql-7.0.3.tar.gz | Need: to make libpg/(++) libraries?