HardenedBSD src tree
Go to file
Bill Paul 0b788fa1da Add support to sendmsg()/recvmsg() for passing credentials between
processes using AF_LOCAL sockets. This hack is going to be used with
Secure RPC to duplicate a feature of STREAMS which has no real counterpart
in sockets (with STREAMS/TLI, you can apparently use t_getinfo() to learn
UID of a local process on the other side of a transport endpoint).

What happens is this: the client sets up a sendmsg() call with ancillary
data using the SCM_CREDS socket-level control message type. It does not
need to fill in the structure. When the kernel notices the data,
unp_internalize() fills in the cmesgcred structure with the sending
process' credentials (UID, EUID, GID, and ancillary groups). This data
is later delivered to the receiving process. The receiver can then
perform the follwing tests:

- Did the client send ancillary data?
	o Yes, proceed.
	o No, refuse to authenticate the client.

- The the client send data of type SCM_CREDS?
	o Yes, proceed.
	o No, refuse to authenticate the client.

- Is the cmsgcred structure the right size?
	o Yes, proceed.
	o No, signal a possible error.

The receiver can now inspect the credential information and use it to
authenticate the client.
1997-03-21 16:12:32 +00:00
bin
contrib
eBones
etc
games
gnu
include
lib
libexec
lkm
release Add Iceland. 1997-03-21 05:18:20 +00:00
sbin
secure
share Catch up with the original. 1997-03-21 09:46:34 +00:00
sys Add support to sendmsg()/recvmsg() for passing credentials between 1997-03-21 16:12:32 +00:00
tools
usr.bin
usr.sbin Add Iceland. 1997-03-21 05:18:20 +00:00
COPYRIGHT
Makefile
README

This is the top level of the FreeBSD source directory.  This file
was last revised on: $Id$

For copyright information, please see the file COPYRIGHT in this
directory (additional copyright information also exists for some
sources in this tree - please see the specific source directories for
more information).

The Makefile in this directory supports a number of targets for
building components (or all) of the FreeBSD source tree, the most
commonly used one being ``world'', which rebuilds and installs
everything in the FreeBSD system from the source tree except the
kernel.  Please see the top of the Makefile for more information on
the standard build targets and compile-time flags.

Building a kernel with config(8) is a somewhat more involved process,
documentation for which can be found at:
   http://www.freebsd.org/handbook/kernelconfig.html
And in the config(8) man page.

The sample kernel configuration files reside in the sys/i386/conf
sub-directory (assuming that you've installed the kernel sources), the
file named GENERIC being the one used to build your initial installation
kernel.  The file LINT contains entries for all possible devices, not
just those commonly used, and is meant more as a general reference
than an actual kernel configuration file (a kernel built from it
wouldn't even run).


Source Roadmap:
---------------
bin		System/User commands.

contrib		Packages contributed by 3rd parties.

eBones		Kerberos package - NOT FOR EXPORT!

etc		Template files for /etc

games		Amusements.

gnu		Various commands and libraries under the GNU Public License.
		Please see gnu/COPYING* for more information.

include		System include files.

lib		System libraries.

libexec		System daemons.

lkm		Loadable Kernel Modules.

release		Release building Makefile & associated tools.

sbin		System commands.

secure		DES and DES-related utilities - NOT FOR EXPORT!

share		Shared resources.

sys		Kernel sources.

tools		Utilities for regression testing and miscellaneous tasks.

usr.bin		User commands.

usr.sbin	System administration commands.


For information on synchronizing your source tree with one or more of
the FreeBSD Project's development branches, please see:

  http://www.freebsd.org/handbook/synching.html