17. Passing Credentials and File Descriptors
If you share your Linux host with other users, you might have had reason to struggle with certain resource access issues. In this chapter, you will see how credentials can be obtained from a local socket and how file descriptors can be transmitted by sockets as well. These two important features open an entirely new avenue of security access solutions for your users, while keeping your machine secure.
These features are provided for by the use of socket ancillary data. This is an advanced topic, which might be beyond what many beginning programmers want to tackle. Beginners might want to simply skim this chapter or skip to the next.
The intermediate to advanced readers, however, will want to study this chapter carefully, as an introduction to the processing of ancillary data. Emphasis has been placed on a practical example that can be studied and experimented with.
This chapter covers the following topics:
How to send user credentials to a local server process
How to receive and interpret user credentials
How to send a file descriptor to another process on the local host
How to receive a file descriptor from another process on the local host