Change Details

Some methods in file ioslave, `FileProtocol::copy` and FileProtocol::put to be precise, use file descriptor of source and destination files. So performing any these operations as root user using kauth's helper requires the source or destination file to be opened inside the helper and sending the file descriptor back to ioslave using a suitable IPC mechanism. My patch does the task using unix local domain socket. In principal dbus can also be used. The sequence would be, registering service in ioslave, setting `euid` of the helper process and sending the file descriptor over user's session bus. I tried it but the code turned out messy. In the end it was somewhat a personal preference. There are certain things I would like to know regarding this patch, In this patch I used the abstract namespace. It will work with linux but I don't know about mac os or bsd. So what to use for them? In place of unix sockets, dbus can also be used. So shall i use it ? I am aware there are security issues with both the approaches but using which one of them is less riskier?

When reading or writing a file with elevated privileges the helper will open the required file (with elevated privileges) and it will share the open file descriptor with file ioslave. Since the file referred to by the shared file descriptor was opened by a privileged process, file ioslave which is a normal user process will be able to modify the file. This patch adds two classes, FdSender and FdReceiver. And as their name suggest they facilitate sending and receiving of an open file descriptor between a privileged and a normal process.

Some methods in file ioslave, `FileProtocol::copy` and FileProtocol::put to be precise, use file descriptor of source and destination filesWhen reading or writing a file with elevated privileges the helper will open the required file (with elevated privileges) and it will share the open file descriptor with file ioslave. So performing any these operations as root user using kauth's helper requires the source or destination file to be opened inside the helper and sending the file descriptor back to ioslave using a suitable IPC mechanism. My patch does the task using unix local domain socket.ince the file referred to by the shared file descriptor was opened by a privileged process, In principal dbus can also be used. The sequence would be, registering service in ioslave, setting `euid` of the helper process and sending the file descriptor over user's session bus.file ioslave which is a normal user process will be able to modify the file. This patch adds two classes, I tried it but the code turned out messyFdSender and FdReceiver. In the end it was somewhat a personal preference. There are certain things I would like to know regarding this patch,And as their In this patch I used the abstract namespace. It will work with linux but I don't know about mac os or bsd. So what to use for them?name suggest they facilitate sending and receiving of an open file In place of unix sockets, dbus can also be used. So shall i use it ? I am aware there are security issues with both the approaches but using which one of them is less riskier?descriptor between a privileged and a normal process.