Security question?
Roland Mainz
roland.mainz at nrubsig.org
Wed Nov 3 16:27:11 PST 2004
Adam Jackson wrote:
> > I'm working on a way for the client XvMC lib to determine whether an X
> > server connection is local or not.
> >
> > The best way I've come up with so far is for the client to allocate a
> > shared memory page, and fill it with a pattern which is seeded by a
> > pseudo-random 32-bit number. It then transmits this number and the
> > shared memory page ID to the server which tries to map the shared memory
> > page, verifies the pattern and returns either fault or OK.
> >
> > <snip>
> >
> > Is this an acceptable approach security-wise?
> > Are there simpler ways?
>
> getsockname(3) on the connection fd. It's local if one of:
>
> - family is PF_UNIX
> - family is PF_INET and address is 127.0.0.1
> - family is PF_INET6 and address is ::1
> - family is PF_DECnet and address is whatever the DECnet loopback address is
> (probably you don't need to worry about this case)
BTW: Solaris has a shared-memory transport (AFAIK HP-UX, too) ... but I
am not sure whether this is indicated via a seperate socket family or
just handled internally by Xlib.
----
Bye,
Roland
--
__ . . __
(o.\ \/ /.o) roland.mainz at nrubsig.org
\__\/\/__/ MPEG specialist, C&&JAVA&&Sun&&Unix programmer
/O /==\ O\ TEL +49 641 7950090
(;O/ \/ \O;)
More information about the xorg
mailing list