[OTR-users] Pretty-please standardize OTR signature storage, per OS.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Sep 10 19:03:54 EDT 2013
On 09/10/2013 06:50 PM, Tamme Schichler wrote:
> I just looked at alternatives and it seems that named pipes can have
> security settings that allow only a certain user to access them. They
> should otherwise work like a loopback socket, just with a different
> (better) namespace. I never used them before, so I didn't know about
> this possibility.
we're talking here about a server process that needs to mediate
concurrent access with multiple clients. I don't think named pipes are
the answer. if you're using a unix-domain socket on a modern OS, you
should be able to use the SO_PEERCRED sockopt to determine (and limit)
the identity of the connecting peer.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cypherpunks.ca/pipermail/otr-users/attachments/20130910/9bc39cec/attachment.pgp>
More information about the OTR-users
mailing list