Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!mit-eddie!mit-amt!mit-caf!vlcek
From: vlcek@mit-caf.MIT.EDU (Jim Vlcek)
Newsgroups: comp.unix.questions
Subject: Servers, sockets & security
Message-ID: <2914@mit-caf.MIT.EDU>
Date: 26 Jul 89 01:28:56 GMT
Reply-To: vlcek@mit-caf.UUCP (Jim Vlcek)
Distribution: na
Organization: Microsystems Technology Laboratories, MIT
Lines: 22

I would like to design a simple server to help automate a signup/signoff type of scheduler. This would involve accepting requests for a certain resource to be allocated to a user on a specified date, checking to see that the target date is open, and allocating it if it is. Conversely, the signoff procedure would check the specified date to see that it is allocated to the user seeking to sign it off, and deallocate the date if so.

I'm working under 4.3BSD, and using sockets to connect the server to the signup/signoff clients. This avoids giving write access to the schedule file to all qualified users (with obvious security problems!), as would be necessary in the absence of a server.

What I'd like to know is: how can I verify the identity of a client seeking to sign off? This is to say, how can I keep someone from creating a bogus client which falsifies its owner's ID in order to sign other users off? I don't know of any way to determine the pid of the process at the other end of a socket -- is there any? Or should I deny write access to the socket to all but its owner, and run the client programs setuid?

Jim Vlcek (vlcek@caf.mit.edu uunet!mit-caf!vlcek)
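
One way a server can settle the identity question on a present-day Linux system, added here as an example and not part of the original post: on a Unix-domain socket the kernel reports the peer's pid, uid and gid through `SO_PEERCRED`, so the signoff check never depends on an ID field the client sends. `SO_PEERCRED` is Linux-specific and did not exist in 4.3BSD; the request format, function names and sample schedule below are assumptions made for the illustration.

```python
import os
import socket
import struct

def peer_uid(conn):
    """Uid of the process at the other end, as recorded by the kernel."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED,
                          struct.calcsize("3i"))
    _pid, uid, _gid = struct.unpack("3i", raw)
    return uid

def handle_request(conn, schedule):
    """Serve one request of the form '<signup|signoff> <date> <claimed_uid>'.

    claimed_uid is parsed but never trusted; ownership checks use only
    the kernel-supplied peer uid.
    """
    uid = peer_uid(conn)
    fields = conn.recv(256).decode("ascii", "replace").split()
    if len(fields) != 3 or fields[0] not in ("signup", "signoff"):
        reply = "ERR malformed request"
    elif fields[0] == "signup":
        if fields[1] in schedule:
            reply = "DENIED date already allocated"
        else:
            schedule[fields[1]] = uid
            reply = "OK allocated"
    elif schedule.get(fields[1]) != uid:
        reply = "DENIED date not allocated to caller"
    else:
        del schedule[fields[1]]
        reply = "OK released"
    conn.sendall(reply.encode("ascii"))
    return reply

def demo():
    """Run three requests over a socketpair; return replies and schedule."""
    me = os.getuid()
    schedule = {"1989-08-01": me + 1}  # constructed: slot held by another user
    server, client = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    replies = []
    with server, client:
        for msg in ("signoff 1989-08-01 %d" % (me + 1),  # falsified owner ID
                    "signup 1989-08-02 %d" % me,
                    "signoff 1989-08-02 %d" % me):
            client.sendall(msg.encode("ascii"))
            replies.append(handle_request(server, schedule))
            client.recv(256)  # drain the server's reply
    return replies, schedule
```

The first request carries another user's ID in its payload and is still refused, because the server compares the schedule entry against the uid the kernel attached to the connection.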