Differential D10409

In linux don't use abstract socket to share file descriptor
ClosedPublic
Actions

Authored by chinmoyr on Feb 9 2018, 5:11 PM.

Details

Reviewers
ossi
Group Reviewers
Frameworks
Commits
R241:89275d0d1450: In linux don't use abstract socket to share file descriptor
Summary

Use pathname socket for better access control.

Diff Detail

Repository
R241 KIO
Branch
master
Lint
No Linters Available
Unit
No Unit Test Coverage
chinmoyr created this revision.Feb 9 2018, 5:11 PM
Restricted Application added a project: Frameworks. · View Herald TranscriptFeb 9 2018, 5:11 PM
chinmoyr requested review of this revision.Feb 9 2018, 5:11 PM
chinmoyr updated this revision to Diff 26830.Feb 9 2018, 5:16 PM

Added back "/tmp/" prefix

dfaure added a subscriber: dfaure.Mar 4 2018, 10:14 AM

Can you explain a bit more in the commit log why this is better? I guess it comes from a discussion elsewhere, but better have the info here and in git in the end.

ossi added a comment.Mar 4 2018, 12:01 PM

the idea is that you can do directory-based access controls on file-based sockets, while the abstract namespace has no controls.
otoh, only linux has the abstract namespace, and it supports peer credential verification as well, so this doesn't actually add any security afaict.
arguably, the patch still makes sense from a maintenance perspective, removing a redundant code path.
fwiw, i'd re-order this patch before the other one - it makes for smaller patches to first remove code and then refactor only what's left.

chinmoyr added a comment.Mar 4 2018, 12:04 PM

@ossi I think the changes in file_unix.cpp from D9966 also belong here(?)

ossi added a comment.Mar 4 2018, 12:10 PM

that contradicts the comments i added to both reviews.

chinmoyr added a comment.Mar 4 2018, 12:12 PM

Sorry, I meant D10411.

ossi added a comment.Mar 4 2018, 12:24 PM

not sure why; the changes are semantically separate.

my suggestion was to put this before D10273, thus reducing the latter's size.

chinmoyr updated this revision to Diff 32412.Apr 17 2018, 5:29 PM
chinmoyr edited the summary of this revision. (Show Details)

Removed dependency on D10273
Rebased on master

chinmoyr updated this revision to Diff 32413.Apr 17 2018, 5:48 PM

Fix compilation error

ossi accepted this revision.May 6 2018, 9:17 AM
This revision is now accepted and ready to land.May 6 2018, 9:17 AM
Restricted Application added a subscriber: kde-frameworks-devel. · View Herald TranscriptMay 27 2018, 11:14 AM
Closed by commit R241:89275d0d1450: In linux don't use abstract socket to share file descriptor (authored by chinmoyr). · Explain WhyJun 1 2018, 11:27 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathPackages
Msrc/ioslaves/file/sharefd_p.h (11 lines)

Diff 26830

View Options

src/ioslaves/file/sharefd_p.h

Loading...