improving security of AF_UNIX sockets

Christopher Faylor
Fri Apr 6 12:19:00 GMT 2001

On Wed, Apr 04, 2001 at 10:02:50PM +0400, egor duda wrote:
>This patch prevents local users from connecting to cygwin-emulated
>AF_UNIX socket if this user have no read rights on socket's file.  it's
>done by adding 128-bit random secret cookie to !<socket>port string in
>file.  later, each processes which is negotiating connection via
>connect() or accept() must signal its peer that it knows this secret

This looks good.  It seems like this would not be backwards compatible
though, right?

I don't know if this is an issue or not.


More information about the Cygwin-patches mailing list