mirror of https://github.com/mkerrisk/man-pages
unix.7: Update text on socket permissions on other systems
At least some of the modern BSDs seem to check for write permission on a socket. (I tested OpenBSD 5.9.) On Solaris 10, some light testing suggested that write permission is still not checked on that system. See https://bugzilla.kernel.org/show_bug.cgi?id=120061 (and https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-1402) Reported-by: Carsten Grohmann <carstengrohmann@gmx.de> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
44cca454d2
commit
7f98a23983
|
@ -232,7 +232,7 @@ connecting to a stream socket object requires write permission on that socket;
|
||||||
sending a datagram to a datagram socket likewise
|
sending a datagram to a datagram socket likewise
|
||||||
requires write permission on that socket.
|
requires write permission on that socket.
|
||||||
POSIX does not make any statement about the effect of the permissions
|
POSIX does not make any statement about the effect of the permissions
|
||||||
on a socket file, and on many systems (e.g., several BSD derivatives),
|
on a socket file, and on some systems (e.g., older BSDs),
|
||||||
the socket permissions are ignored.
|
the socket permissions are ignored.
|
||||||
Portable programs should not rely on
|
Portable programs should not rely on
|
||||||
this feature for security.
|
this feature for security.
|
||||||
|
|
Loading…
Reference in New Issue