From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.135]) by sourceware.org (Postfix) with ESMTPS id B20FF386F035 for ; Wed, 18 Nov 2020 08:34:49 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org B20FF386F035 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=cygwin.com Authentication-Results: sourceware.org; spf=fail smtp.mailfrom=corinna-cygwin@cygwin.com Received: from calimero.vinschen.de ([24.134.7.25]) by mrelayeu.kundenserver.de (mreue009 [212.227.15.167]) with ESMTPSA (Nemesis) id 1Mzz6s-1kIWun3PdO-00x6Uw for ; Wed, 18 Nov 2020 09:34:47 +0100 Received: by calimero.vinschen.de (Postfix, from userid 500) id 24A85A80951; Wed, 18 Nov 2020 09:34:47 +0100 (CET) Date: Wed, 18 Nov 2020 09:34:47 +0100 From: Corinna Vinschen To: cygwin-developers@cygwin.com Subject: Re: AF_UNIX status report Message-ID: <20201118083447.GL41926@calimero.vinschen.de> Reply-To: cygwin-developers@cygwin.com Mail-Followup-To: cygwin-developers@cygwin.com References: <38e33f7a-e87d-fea8-ac9e-826f94c189d4@cornell.edu> <20201104120304.GF33165@calimero.vinschen.de> <88b3dfe6-a67d-c597-afe2-4edb13cee5d7@cornell.edu> <20201105172140.GP33165@calimero.vinschen.de> <80cb96b8-065d-b146-b879-170031ba28b5@cornell.edu> <20201106091240.GT33165@calimero.vinschen.de> <99e02f87-1c58-ce6f-58e0-0deb26c4c899@cornell.edu> <20201109090812.GV33165@calimero.vinschen.de> <6c3e9c53-8575-de80-be2d-49af2b87eaa5@cornell.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <6c3e9c53-8575-de80-be2d-49af2b87eaa5@cornell.edu> X-Provags-ID: V03:K1:abyJvsHzYt3bkLnRcBhfHZFLe6ZimeknpDRG3OPDBluK0dZbydw RMM6qH2Zc0bEicBEV6wCqDMGl0C5h9zmj/RrNTA/jjWoLDgwlZdiuwm7ollKhNMf7lGsGZs VtpPDdf+3WNL1Fd7XuMtuFx/EhvatWN/Tpm/qR8U2tdQarLfutKHrzwE0HVnis64kcZgpoJ Exlcawfw4CEG9VEg7etgQ== X-UI-Out-Filterresults: notjunk:1;V03:K0:R/yec9hIdxg=:6Vt4Tx0hIOs17+qwsUVXk3 GgTF0EHi0HIe2x9rhBSsBJwwsleFimwohcFlyIfCCXQuCL8SJtqcHtacxaW9YOWepSkw/jRU/ eTEL3Y77rEvoyWkXdC79P28qyihDDIHZ/3G6xGTRkKDVSr52dmuh4/0YMdu86GCYnt/ykB6Pj EUPZmY1gYpCxVoD2gr3bP6w3f0Dkxq+PXjw4j3qeer8BfNCMOoehFOFseO7GvG0dvOtQgwSd9 nY0oe0MqrFYXtzG3kroFZaNkmGhq8Ugv3eopl73Cv3ttU5aFnsTwwfknbTICKzEWpT7N6RxDT kBL5NsYwVBLX+iw37jSLk+5YXkvHcnS4OzKbRLlbeKYwtj1jCPRv/1rZj7OdpEK9SqHm+lYkl LqNKJQKKt0gVItdiEMflHpHeYs5nhhuBJtvyHd/GJjm7/ixfXM7cMbjSDHGRYxJfo8QNLNAlJ 72eDW1k31A== X-Spam-Status: No, score=-100.6 required=5.0 tests=BAYES_00, GOOD_FROM_CORINNA_CYGWIN, JMQ_SPF_NEUTRAL, KAM_DMARC_STATUS, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NEUTRAL, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: cygwin-developers@cygwin.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Cygwin core component developers mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Nov 2020 08:34:51 -0000 On Nov 17 14:57, Ken Brown via Cygwin-developers wrote: > On 11/9/2020 4:08 AM, Corinna Vinschen wrote: > > The duplicated handle has to be closed at one point but otherwise > > the approach makes sense. > > After wasting a ridiculous amount of time because of careless mistakes with > handle duplication, I've finally gotten something working (currently for > disk files only and with some limitations that have to removed). I've > pushed it to the topic/af_unix branch in case you want to review it and/or > test it. This is soooo fantastic! Apart from files, the nexst most interesting case is sharing a socket, probably. We could activcate the 2nd half of privilege separation in sshd then. > If you do test it, the main limitation currently is that the sending process > can't exit until the receiving process has received and processed the > SCM_RIGHTS data. While this is strictly a flaw, that may not be much of a limitation. It would be interesting to know how many applications send descriptors just to exit immediately. Not so many, probably. > I'll keep working on improving this and removing limitations, but at least > I'm confident now that the basic idea of sending serialized fhandlers works. > Thanks for suggesting that. I wouldn't have known where to start otherwise. Thanks for working on this stuff! Corinna