On Sat, 2010-12-25 at 19:37 +0100, Lennart Poettering wrote:
That basically means that besides systemd itself and maybe the D-Bus system bus almost nobody can safely use fixed name abstract namespace sockets. In particular user code that uses fixed name abstract namespace sockets is necessarily vulnerable to DoS attacks.
Yes, abstract namespace sockets only have a very limited use.
On my desktop, abstract namespace sockets are twice more popular than the regular ones:
bernie@giskard:~$ netstat -ax | grep @ | wc -l 151 bernie@giskard:~$ netstat -ax | grep -v @ | grep / | wc -l 73
Most uses are from dbus, but I'm also seeing gnome-session and gvfsd-trash.