On Sat, 25.12.10 11:51, Casey Dahlin (cdahlin@redhat.com) wrote:
Could you explain a bit perhaps? I'm not familiar with them... (or maybe you have a url I could surf to?)
Basically, you put a \0 in front of the path when you bind the socket. So, for example, bind to "\0/jack/socket". Yes, that looks weird, but it works. The socket will not appear anywhere in the filesystem, but can still be opened by using that wonky path from anywhere. When no longer referenced the socket will simply disappear.
Here's a link, though it takes a while to get to the point: http://blog.eduardofleury.com/archives/2007/09/13/
BTW: I can only ask everybody to be very careful with abstract namespace sockets, since there is no access control applied to the namespace: everybody can allocate any socket. If jack would hardcode the socket it uses to \0/org/jack/socket or so, then a) only one user could run jack at a time, b) an evil user could simply allocate that socket and thus ensure that nobody else can run jack anymore (DoS) and c) jack clients of other users might try to connect to a jack instance belonging to one user, which might create confusion and errors.
If you place a socket in a dir such as $XDG_RUNTIME_DIR these problems don't exist, since that dir belongs to the user, and only the user, so nobody else can allocate sockets in it or connect to it, which fixes the problems pointed out above.
Or to turn this around: abstract namespace sockets are only safe to use if they:
a) use a randomized name (which makes them a lot less useful, since you need to add some additional logic to find out what name they have for your application)
or
b) use a fixed name, but only by a system daemon that is started early at boot (i.e. at a time where no evil user could be logged in) and is never restarted (so that no time window exists where the socket is unallocated during normal runtime where evil users could take advantage of).
That basically means that besides systemd itself and maybe the D-Bus system bus almost nobody can safely use fixed name abstract namespace sockets. In particular user code that uses fixed name abstract namespace sockets is necessarily vulnerable to DoS attacks.
Yes, abstract namespace sockets only have a very limited use.
Lennart
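
The two binding styles discussed in this message, as an added example that is not part of the original e-mail or of jack's or systemd's code: `bind_abstract` shows that a fixed abstract name is first come, first served with no permission check, and `bind_in_private_dir` binds a filesystem socket only inside a directory that belongs to the caller alone, as `$XDG_RUNTIME_DIR` does. The function names are hypothetical and the code is Linux-specific.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

/* Create an AF_UNIX stream socket and bind it; returns the fd or -errno. */
static int bind_unix(const struct sockaddr_un *sa, socklen_t len)
{
    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0)
        return -errno;
    if (bind(fd, (const struct sockaddr *)sa, len) < 0) {
        int e = errno;
        close(fd);
        return -e;
    }
    return fd;
}

/* Abstract namespace: sun_path[0] is '\0' and the name follows it. The
 * address length covers exactly that NUL plus the name, nothing more. */
int bind_abstract(const char *name)
{
    struct sockaddr_un sa = { .sun_family = AF_UNIX };
    size_t n = strlen(name);
    if (n + 1 > sizeof(sa.sun_path))
        return -ENAMETOOLONG;
    memcpy(sa.sun_path + 1, name, n);
    return bind_unix(&sa, (socklen_t)(offsetof(struct sockaddr_un, sun_path) + 1 + n));
}

/* Filesystem socket, bound only if dir is a directory owned by us with no
 * group/other permission bits (what $XDG_RUNTIME_DIR is expected to be). */
int bind_in_private_dir(const char *dir, const char *file)
{
    struct sockaddr_un sa = { .sun_family = AF_UNIX };
    struct stat st;
    if (stat(dir, &st) < 0)
        return -errno;
    if (!S_ISDIR(st.st_mode) || st.st_uid != geteuid() || (st.st_mode & 077))
        return -EACCES;
    int n = snprintf(sa.sun_path, sizeof(sa.sun_path), "%s/%s", dir, file);
    if (n < 0 || (size_t)n >= sizeof(sa.sun_path))
        return -ENAMETOOLONG;
    return bind_unix(&sa, sizeof(sa));
}
```

A second `bind_abstract` call with the same name fails with `EADDRINUSE` regardless of which user made the first call, and the name becomes free again as soon as the holder closes its descriptor.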