UNIX domain sockets [was Re: dce/rpc services]

Michael Tokarev mjt at tls.msk.ru
Wed Aug 23 11:35:04 GMT 2000

Gerald Carter wrote:
> My understanding of Luke's implementation and how
> it could (should) work is this...
>   * The UNIX domain socket is only available to
>     root processes.

No, this is wrong.  Them are just like other regular files
(but not like devices -- you should be root to do mknod),
and have usual file permissions (but broken (not honored)
on some systems).  Any process can create socket where it
can create regular file, and any process can use that socket
the same like for regular file.  The most good comparision
here is FIFO.

But wait -- maybe _I'm_ wrong, and there are some unices
around that have _so_ broken sockets implementation that
requires to be root to create/use them !?
At least all unices around me (linux, many versions of
solaris, sco, old-good interactive unix) all (almost)
are ok here.  `Almost' is becouse some of them ignores
chmod and permissions for the sockets, but this can be
trivially cured by introducing additional subdir for
each socket that will hold necessary permissions.


More information about the samba-technical mailing list