Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!usc!apple!sun-barr!newstop!sun!snafu!lm
From: lm@snafu.Sun.COM (Larry McVoy)
Newsgroups: comp.unix.wizards
Subject: Re: socket -> UID
Message-ID: <130308@sun.Eng.Sun.COM>
Date: 16 Jan 90 05:56:20 GMT
References: <832@unipas.fmi.uni-passau.de>
Sender: news@sun.Eng.Sun.COM
Reply-To: lm@sun.UUCP (Larry McVoy)
Organization: Sun Microsystems, Mountain View
Lines: 25

In article <832@unipas.fmi.uni-passau.de> hessmann@unipas.fmi.uni-passau.de (Georg Hessmann) writes:
>Two processes communicate with the help of a socket.
>(Socket has the type PF_INET, SOCK_STREAM)
>The first process runs as a background demon (using inetd) and waits
>for incoming messages from the second process.
>
>Problem:
>How can the first process obtain the UID and GID of the second process
>right from the socket without any extra message from the second process.
>
>We want to disable/enable services of process one for certain
>UID's and GID's without changing the source code of the second process.

Well, this is a bummer. You can do it if you really have to, but it
requires that (1) both sockets must be on the same machine, and
(2) having an in-depth knowledge of that machine's socket implementation.
If you have both of those, the inetd-like process could open /dev/kmem
and grovel around, looking for the socket that was sending, and figure
out to whom it belonged (I think).

You don't want to try this at home, campers, so the real answer is:
"you can't."
---
What I say is my opinion. I am not paid to speak for Sun, I'm paid to hack.
Besides, I frequently read news when I'n drjhgungh, err, um, drunk.