Re: Duplicating Unix Domain Sockets

[David E Euresti <davie@MIT.EDU>]

On Tue, 4 Jun 2002, egor duda wrote:

> Hi!
>
> It's not enough to just pass numerical value of descriptor between
> processes. Each cygwin fd has several win32 handles associated with
> it, which are used to actually do the job, to read or write the data,
> to perform synchronization, etc. If you want to pass fd1 from proc1 to
> proc2, you have to duplicate all win32 handles associated with fd1
> into address space of proc2. This can be done by DuplicateHandle ()
> function, but if you take a look on its docs on msdn, you'll see that
> it requires process handles of proc1 and proc2 to work. Given that
> proc1 and proc2 can be absolutely unrelated and run from different
> accounts, there's no secure way to obtain those process handles
> without help from some mediator process which run at high enough level
> of privileges.

Oh I know it's not enough just passing a number.  I've already got a user
land application passing file descriptor by passing

struct passfd {
  unsigned int uiMagic;  // Magic number to see if it's right
  DWORD dwProcessID;     // Process ID of sender
  HANDLE hHandle;        // Handle in sender's process
  BOOL bBinary;          // is it Binary or Text?
  BOOL bRead;            // Is it read?
  BOOL bWrite;           // Is it write
  DWORD dwDevice;        // Device type as listed in windows_device_names
in path.cc
};

So basically I pass this info in at the beginning of a packet.  And then
the receiving end calls DuplicateHandle, followed by cygwin_handle_to_fd.
It works well except it doesn't mark the right socket types.  i.e. UDP,
TCP, AF_UNIX etc.  (I've sent the code before search for my name in the
archive and you'll find it titled "File Descriptor passing fun".

Another problem with this is that there's a bit of synchronization needed
because the sending process can't close the socket until it's been
duplicated.  This will actually happen in the suggestion I had.

> That's what cygwin daemon is for -- to provide a
> services that require high privileges to normal non-privileged
> processes. After such handle duplication service (with appropriate
> security checks) is implemented in cygwin daemon, it would be simple
> to augment AF_UNIX sockets protocol to be able to pass auxiliary
> information such as fds.
>

Well as I have to have this to graduate, I could work on this. But
somebody needs to tell me where to start looking.  Because i've looked
through the source and I don't really get it.

Thanks,
David


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/