file descriptor passing (jail related question)

From: Shaya Potter (spotter@cs.columbia.edu)
Date: Fri Jul 19 2002 - 16:58:07 EST


How does file descriptor passing work. From what I can tell it uses the
sendmsg and recvmsg calls. Is this only process to process over a non
ip socket on the same machine (what's the right terminology for this,
just a plain FIFO?), or could one conceivably pass a file descriptor
over an ip socket?

I ask, because of jail. If it's just a FIFO, then one can secure fd
passing in a jail by controlling who can talk on a socket (since
persumably fd passing is used over a pre-existing fd, and there are no
pre-existing fd's to outside the jail....)

If it can be transmited over IP, its a much more serious issue, as all
one has to do is crack a jail (root inside the jail), crack the local
system (regular user) run a program that talks to the local system over
ip, and have the cracked regular user pass a fd in.

Any other points to read that I can learn about fd passing would be
appreciated as well, as I have never used this feature in my programs,
so am somewhat ignorant in regards to it.

thanks,

shaya potter

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Tue Jul 23 2002 - 22:00:31 EST