improving security of AF_UNIX sockets

Jason Tishler
Fri Apr 13 08:23:00 GMT 2001


On Wed, Apr 04, 2001 at 10:02:50PM +0400, egor duda wrote:
>   this patch prevents local users from connecting to cygwin-emulated
> AF_UNIX socket if this user have no read rights on socket's file.
> it's done by adding 128-bit random secret cookie to !<socket>port
> string in file. later, each processes which is negotiating connection
> via connect() or accept() must signal its peer that it knows this
> secret cookie.
> sendto() and recvfrom() are still insecure, unfortunately.
> Comments?

I have tried the above with PostgreSQL and it works as documented.
However, see the attached for a comment from one of the PostgreSQL
core developers.

Is it possible and/or does it make sense to do as suggested?


Jason Tishler
Director, Software Engineering       Phone: +1 (732) 264-8770 x235
Dot Hill Systems Corp.               Fax:   +1 (732) 264-8798
82 Bethany Road, Suite 7             Email:
Hazlet, NJ 07730 USA                 WWW:

More information about the Cygwin-patches mailing list