[OTR-users] Pretty-please standardize OTR signature storage, per OS.

Tamme Schichler tammeschichler at googlemail.com
Tue Sep 10 20:28:09 EDT 2013


On 11.09.2013 01:03, Daniel Kahn Gillmor wrote:
> On 09/10/2013 06:50 PM, Tamme Schichler wrote:
>> I just looked at alternatives and it seems that named pipes can have
>> security settings that allow only a certain user to access them. They
>> should otherwise work like a loopback socket, just with a different
>> (better) namespace. I never used them before, so I didn't know about
>> this possibility.
>
> we're talking here about a server process that needs to mediate
> concurrent access with multiple clients.  I don't think named pipes are
> the answer.  if you're using a unix-domain socket on a modern OS, you
> should be able to use the SO_PEERCRED sockopt to determine (and limit)
> the identity of the connecting peer.
>
> 	--dkg
>

Named pipes on Windows are the closest equivalent to unix domain sockets 
that's available and have the exact security feature that's needed. (see 
the last paragraph here: 
http://msdn.microsoft.com/en-us/library/windows/desktop/aa365600%28v=vs.85%29.aspx 
)

Using SO_PEERCRED sounds like a good idea, in case the file system 
permissions don't already cover this. The socket location needs to 
change between users to avoid collisions anyway, so I think giving it 
the same file permissions as the actual database would give as much 
security as effective. (I could be mistaken here, as I said before I 
don't know that much Unix.)

(I accidentally didn't send this to the list the first time.

-Tamme)
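
The two checks discussed in this thread (owner-only file permissions on the socket, and SO_PEERCRED on each accepted connection), as an added example that is not code from either poster or from the OTR project. It assumes Linux, where SO_PEERCRED returns a struct ucred; the socket name `keystore.sock` and all function names are hypothetical.

```python
import os
import socket
import struct
import tempfile

UCRED = struct.Struct("iII")  # Linux struct ucred: pid_t pid, uid_t uid, gid_t gid

def peer_credentials(conn):
    """Return (pid, uid, gid) of the process at the other end of a unix socket."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, UCRED.size)
    return UCRED.unpack(raw)

def listen_private(path):
    """Bind a unix-domain socket whose file is created with mode 0600."""
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    old = os.umask(0o177)  # bind() creates the socket file as 0777 & ~umask
    try:
        srv.bind(path)
    finally:
        os.umask(old)
    srv.listen(8)
    return srv

def accept_same_user(srv, allowed_uid=None):
    """Accept one client; drop it unless the kernel reports the allowed uid."""
    allowed_uid = os.getuid() if allowed_uid is None else allowed_uid
    conn, _ = srv.accept()
    _pid, uid, _gid = peer_credentials(conn)
    if uid != allowed_uid:
        conn.close()  # peer runs as another user: refuse before reading anything
        return None, uid
    return conn, uid

def demo(allowed_uid=None):
    """Constructed round trip: connect to our own socket, report the decision."""
    with tempfile.TemporaryDirectory() as d:  # per-user directory, mode 0700
        path = os.path.join(d, "keystore.sock")  # hypothetical socket name
        srv = listen_private(path)
        mode = os.stat(path).st_mode & 0o777
        cli = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        cli.connect(path)  # completes against the listen backlog
        conn, uid = accept_same_user(srv, allowed_uid)
        for s in (conn, cli, srv):
            if s is not None:
                s.close()
        return conn is not None, uid, mode

if __name__ == "__main__":
    print(demo())
```

The credentials are filled in by the kernel at connect time, so the client cannot choose the uid the server sees.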


