<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
<br>
Hi<br>
Adam Jackson wrote:
<blockquote cite="mid200411031652.27142.ajax@nwnk.net" type="cite">
<pre wrap="">On Wednesday 03 November 2004 16:33, Thomas Hellström wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Hi!
I'm working on a way for the client XvMC lib to determine whether an X
server connection is local or not.
The best way I've come up with so far is for the client to allocate a
shared memory page, and fill it with a pattern which is seeded by a
pseudo-random 32-bit number. It then transmits this number and the
shared memory page ID to the server which tries to map the shared memory
page, verifies the pattern and returns either fault or OK.
<snip>
Is this an acceptable approach security-wise?
Are there simpler ways?
</pre>
</blockquote>
<pre wrap=""><!---->
getsockname(3) on the connection fd. It's local if one of:
- family is PF_UNIX
- family is PF_INET and address is 127.0.0.1
- family is PF_INET6 and address is ::1
- family is PF_DECnet and address is whatever the DECnet loopback address is
(probably you don't need to worry about this case)
I suppose you could add some more work to check if the IP address matches that
of any of the attached network interface, but I wouldn't bother.
>From a security standpoint this is perfect. The user can spoof getsockname()
through linker tricks, but neither case is problematic. If the connection is
local and the user spoofs it isn't, then XvMC will fail to work because it
won't be able to open the hardware. If the connection is remote but the user
spoofs it's local, then the XvMC lib will open the local hardware, which the
user already _has_ access to.
</pre>
</blockquote>
Hmm,<br>
Doesn't any connection based approach fail with proxy X servers like
ssh, where the shm approach will work?<br>
<br>
/Thomas<br>
<blockquote cite="mid200411031652.27142.ajax@nwnk.net" type="cite">
<pre wrap="">- ajax
</pre>
</blockquote>
<br>
</body>
</html>