[Linux-ha-dev] Bind/stat Auth Patch
Matthew Berg
galt at gothpoodle.com
Tue Oct 5 15:32:26 MDT 2004
On Tue, 2004-10-05 at 15:26, Alan Robertson wrote:
> > On the other hand, if there's any chance the IPC socket code is going to
> > be used on any non-BSD platform, moving to something SYSV compatible
> > would be a good idea. (I'm pretty sure this struct member isn't there
> > on other platforms, including AIX and HP/UX.)
>
> It's much better if the platforms implement getpeereuid and getpeeregid, or
> the Linux SO_PEERCRED calls. Those are by far better alternatives to this.
>
> Basically, the Solaris way of doing things is back in the stone ages of the
> 1980s - back when no one took security very seriously.
>
> By the way, Linux isn't a BSD platform, so it already runs on non-BSD
> platforms ;-).
Heh, sorry, I meant to say if there's any change the "BINDSTAT socket
code..." As far as I know that wouldn't work on Linux either, though I
didn't look too closely since I don't know of a reason it would be.
--
Matthew Berg <galt at gothpoodle.com>
More information about the Linux-HA-Dev
mailing list