[ovs-dev] unix domain socket permissions on freebsd
Ben Pfaff
blp at nicira.com
Thu May 22 21:59:09 UTC 2014
According to _Unix Network Programming_, only the umask controls the
permissions of a Unix domain socket created by bind(). This makes it
difficult to correctly control permissions on sockets in a
multithreaded process, since the umask is not thread-specific.
Therefore, currently bind_unix_socket() in socket-util.c has a race.
On Linux, one can also affect the permissions of a Unix domain socket
by fchmoding the socket *before* calling bind(). Based on a glance at
the FreeBSD source, I don't think that this works on BSD. Is there
another way to do it there? (Does it work to fchmod the socket
post-bind?) If not, we might have to add a fallback that forks off a
process, sets the umask, and binds the socket.
I guess FreeBSD and NetBSD could potentially differ here, too.
Thanks,
Ben.
More information about the dev
mailing list