• Subject: Security?
  • From: Benjamin Budai <BENJI@xxxxxxxxxxxxxx>
  • Date: Fri, 05 Jan 2001 11:54:50 +0100
  • Date: Fri, 5 Jan 2001 11:54:49 +0100

Hi,

I am currently writing a program with sockets. Besides TCP it makes use of
UNIX domain sockets, for descriptor passing. The API description for 
sendmsg() states, that the _TARGET_ of the message must be running with the
user identity of the sender or have *ALLOBJ. There is another API to do this
give_descriptor (I think), which requires the same to stand for the _SOURCE_.
What is the rationale behind having two APIs for the same purpose but with
opposite security requirements? For the sendmsg(): it just makes unix to
OS/400 portin harder, and doesn't add value. The same OS/400 allows ondinary
users change the size of shared pools (why?), respond to operator 
messages (again, why?) and there may be more.

Benjamin Budai

+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].