Bug 306706 - Support for OSes that do not support LOCAL_CRED
Status: RESOLVED WONTFIX
Product: gamin
Classification: Other
Component: general
Assigned To: Gamin Maintainer(s)
Reported: 2005-06-06 20:06 UTC by Neal H. Walfield
Modified: 2018-07-01 08:47 UTC
Attachments
patch (3.49 KB, patch), 2005-06-06 20:10 UTC, Neal H. Walfield
patch (4.06 KB, patch), 2005-06-08 16:10 UTC, Neal H. Walfield (rejected)

Description Neal H. Walfield 2005-06-06 20:06:50 UTC
Please describe the problem:
Out of the box, GAMIN does not support OSes that do not support sending
credentials over sockets.  There is basic support already (in libgamin/gam_api.c
gamin_get_socket_dir() and in server/gam_channel.c
gam_client_conn_check_cred()), however, it is not complete: although gamin
correctly notices that LOCAL_CREDS is undefined and doesn't try to use
it, it assumes that it will receive the credentials anyway.

Assuming the socket is correctly created (and as far as I can see this is the
case), this functionality is not needed: being able to send to the socket is the
necessary and sufficient proof of authority.

Even if we were to support sending credentials on the Hurd, there are a number
of questions, the most important of which is: since a process can have
multiple effective user ids at once, which one would we transmit?

The only problem with not supporting credentials is that gamin wants the pid of
the client.  As far as I can tell, it only uses it for debugging messages.

My initial approach was to set it to -1 or 0 but gamin doesn't like either of
those: the former means an error occurred and the latter triggers an assert.
Currently, I just set it to getpid ().  Clearly a hack.

Comment 1 Neal H. Walfield 2005-06-06 20:10:34 UTC
Created attachment 47347
patch
Comment 2 Daniel Veillard 2005-06-07 07:56:45 UTC
The check for the PID on platforms which support LOCAL_CRED is a security
feature. The goal is to make sure server and client are of the same user with
the same level of access to the filesystem. This is really a hard feature
and I would prefer the patch to appear publicly on the mailing-list for
at least an opportunity of review before applying it. People on other OSes
may have their own opinion about this and should have an opportunity to
give feedback.
Put in NEEDINFO status at this point for the reason exposed, please post to the
list to resolve this.

 thanks

Daniel
Comment 3 Neal H. Walfield 2005-06-08 16:10:41 UTC
Created attachment 47458
patch

New patch against CVS. This takes a slightly different approach: if setsockopt
fails we assume the OS doesn't have LOCAL_CRED support.  I could alternatively
change this so that we only make this assumption if setsockopt returns ENOSYS,
EOPNOTSUPP or EINVAL.
Comment 4 Daniel Veillard 2005-06-08 21:18:57 UTC
I tend to prefer that one, yes. Applied and committed,

  thanks,

Daniel
Comment 5 Daniel Veillard 2005-06-15 10:55:40 UTC
  Well the patch actually trashes the authentication on Linux. HAVE_CMSGCRED
is not defined, so we end up with lack_creds == 0 and as a result, socket
credentials are not even tested and c_pid is set to getuid() which also
means all the debugging infrastructure can't report the PID of the target
process anymore. This is fairly bad since this ended up in 0.1.1 and
now I have 1/ a potential security problem and 2/ a broken debugging
infrastructure. I reverted the patch in CVS.

Daniel
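
Added example, not part of the original thread and not gamin's code: a peer-credential check that keeps "the OS cannot pass credentials" distinct from "the check passed", which is the distinction Comments 3 and 5 turn on. It assumes Linux and uses SO_PEERCRED via getsockopt rather than the LOCAL_CREDS/SCM_CREDS path discussed above; check_peer, errno_means_unsupported and the enum are hypothetical names, and the errno list is the one proposed in Comment 3.

```c
#define _GNU_SOURCE            /* exposes struct ucred on glibc */
#include <errno.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

enum peer_result { PEER_OK, PEER_MISMATCH, PEER_UNSUPPORTED, PEER_ERROR };

/* Only these errno values (the list from Comment 3) mean "no credential
 * passing on this OS"; any other failure must not disable the check. */
static int errno_means_unsupported(int err)
{
    return err == ENOSYS || err == EOPNOTSUPP || err == EINVAL;
}

/* Hypothetical helper: verify that the peer of fd runs as our effective uid.
 * On PEER_OK *pid holds the peer's pid; otherwise it stays at -1. */
static enum peer_result check_peer(int fd, pid_t *pid)
{
    *pid = -1;
#ifdef SO_PEERCRED
    struct ucred cred;
    socklen_t len = sizeof(cred);

    if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cred, &len) < 0)
        return errno_means_unsupported(errno) ? PEER_UNSUPPORTED : PEER_ERROR;
    if (len != sizeof(cred))
        return PEER_ERROR;
    if (cred.uid != geteuid())
        return PEER_MISMATCH;
    *pid = cred.pid;
    return PEER_OK;
#else
    (void)fd;
    return PEER_UNSUPPORTED;   /* reported to the caller, never folded into OK */
#endif
}

int main(void)
{
    int sv[2];                 /* constructed input: a local socket pair */
    pid_t pid;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
        return 1;
    enum peer_result r = check_peer(sv[0], &pid);
    printf("result=%d pid=%ld\n", (int)r, (long)pid);
    return r == PEER_OK ? 0 : 1;
}
```

A caller that accepts PEER_UNSUPPORTED has to do so explicitly, for example by relying on the permissions of the socket directory, so a missing compile-time macro cannot silently skip the check on a platform that does support credentials.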
Comment 6 André Klapper 2018-07-01 08:47:35 UTC
gamin is not under active development anymore and has not seen code changes for many years.
Its codebase has been archived: https://gitlab.gnome.org/Archive/gamin/commits/master

Closing this report as WONTFIX as part of Bugzilla Housekeeping to reflect reality. Please feel free to reopen this ticket (or rather transfer the project to GNOME Gitlab, as GNOME Bugzilla is deprecated) if anyone takes the responsibility for active development again.