[ovs-dev] unix domain socket permissions on freebsd
YAMAMOTO Takashi
yamamoto at valinux.co.jp
Fri May 23 02:54:11 UTC 2014
> According to _Unix Network Programming_, only the umask controls the
> permissions of a Unix domain socket created by bind(). This makes it
> difficult to correctly control permissions on sockets in a
> multithreaded process, since the umask is not thread-specific.
> Therefore, currently bind_unix_socket() in socket-util.c has a race.
>
> On Linux, one can also affect the permissions of a Unix domain socket
> by fchmoding the socket *before* calling bind(). Based on a glance at
> the FreeBSD source, I don't think that this works on BSD. Is there
> another way to do it there? (Does it work to fchmod the socket
> post-bind?) If not, we might have to add a fallback that forks off a
> process, sets the umask, and binds the socket.
>
> I guess FreeBSD and NetBSD could potentially differ here, too.
NetBSD doesn't have an alternative way. i think the situation is
same for FreeBSD but i haven't checked.
anyway, it would be nice to have a portable fallback.
using a temporary directory might be less invasive than folk.
YAMAMOTO Takashi
>
> Thanks,
>
> Ben.
More information about the dev
mailing list