Interprocess communication on multi-user machine

Nick Maclaren nmm1 at cus.cam.ac.uk
Fri Jun 30 12:11:10 CEST 2006


In article <ldo-619CD3.21214330062006 at lust.ihug.co.nz>,
Lawrence D'Oliveiro <ldo at geek-central.gen.new_zealand> writes:
|> In article <44a41cae$0$29145$9b4e6d93 at newsread4.arcor-online.net>,
|>  Michael Butscher <mbutscher at gmx.de> wrote:
|> 
|> >Normally any user could connect to an open socket on a machine 
|> >regardless which user established the socket (the user's program, to be 
|> >precise). 
|> 
|> That's not true. On *nix systems, a socket is a file, and is subject to 
|> the usual file ownership and protection mechanisms.

I am afraid that BOTH answers are badly wrong!

Sockets are often accessed via special files, but are not files.
They may also be accessed by port numbers, for example.

Secondly, even when they are accessed via files, FIFOs generally
do NOT use the usual file ownership and protection mechanisms to
control access.  Blame Berkeley for that :-(  It is normal for the
actual file ownership and permissions to be ignored, and a similar
set (hidden internally) to be used.  You are right that there is
almost always such control.

While any user can attempt to open any socket accessed by port
number, the rules for when it is permitted are complicated to a
degree, and depend on the system, configuration and program that
is listening on that port.


Regards,
Nick Maclaren.



More information about the Python-list mailing list