[Dev] Access control design for user applications

Patrick Ohly patrick.ohly at intel.com
Wed Apr 16 11:03:28 GMT 2014


On Wed, 2014-04-16 at 12:07 +0200, Rafał Krypa wrote:
> On 2014-04-16 09:13, Patrick Ohly wrote:
> > How will the app receive the reply if it can't read from the "User"
> > domain? My guess is that this works because the data that it needs to
> > read was explicitly written to by a service in the "User" domain, but I
> > am not sure.
> 
> Communication over UDS requires only write permissions. The client
> (connecting side) needs write access to the server. The server should
> also require write access to the client. The latter was found missing
> in Smack as well, but it's already patched (not backported to Tizen
> kernel yet).

So when connecting to the UDS of a service, the client does fd =
socket(AF_UNIX, SOCK_STREAM), then connect(fd, path), and it will get a
read/write fd connected to the service even if it only has write access
to the socket's label. Okay, I'm starting to understand, I suppose.

-- 
Best Regards, Patrick Ohly

The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.
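
The connection sequence described in the message above, as an added example that is not part of the original thread: a client calls socket(AF_UNIX, SOCK_STREAM) and connect(), then reads the service's reply from the same fd it wrote the request to. The names uds_round_trip and DEMO_PATH are hypothetical, and the code sets no Smack labels; it only shows that the connected fd is bidirectional.

```c
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <sys/wait.h>

#define DEMO_PATH "/tmp/uds_smack_demo.sock"   /* constructed path, not from the thread */
/* Runs a one-shot echo service in a child, then acts as the client; returns reply bytes read or -1. */
ssize_t uds_round_trip(const char *path, const char *req, char *reply, size_t cap)
{
    struct sockaddr_un addr = { .sun_family = AF_UNIX };
    strncpy(addr.sun_path, path, sizeof(addr.sun_path) - 1);
    unlink(path);
    int lfd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (lfd < 0 || bind(lfd, (struct sockaddr *)&addr, sizeof(addr)) < 0 ||
        listen(lfd, 1) < 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                          /* service side */
        char buf[128];
        int cfd = accept(lfd, NULL, NULL);
        ssize_t n = cfd < 0 ? -1 : read(cfd, buf, sizeof(buf));
        if (n > 0 && write(cfd, buf, (size_t)n) != n) _exit(1);  /* reply on same connection */
        _exit(n > 0 ? 0 : 1);
    }
    /* Client side. Per the thread, connect() needs only write access to the socket's label. */
    ssize_t got = -1;
    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd >= 0 && connect(fd, (struct sockaddr *)&addr, sizeof(addr)) == 0 &&
        write(fd, req, strlen(req)) == (ssize_t)strlen(req))
        got = read(fd, reply, cap);          /* the same fd carries the reply back */
    if (got < 0) kill(pid, SIGKILL);         /* do not leave the child blocked in accept() */
    if (fd >= 0) close(fd);
    close(lfd);
    waitpid(pid, NULL, 0);
    unlink(path);
    return got;
}

int main(void)
{
    char reply[128];
    ssize_t n = uds_round_trip(DEMO_PATH, "ping", reply, sizeof(reply));
    printf("client read %zd bytes back over the connect()ed fd\n", n);
    return n == 4 ? 0 : 1;
}
```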




