Thursday, February 23, 2012

ancillary data definition

Although it is very difficult to prove the identity of a remote user over the Internet, it is a simple matter for the Linux kernel to identify another user on the same host. This makes it possible for PF_LOCAL/PF_UNIX sockets to provide credentials to the receiving end about the user at the other end. The only way for these credentials to be compromised would be for the kernel itself to be compromised in some way (perhaps by a rogue kernel loadable module).

Credentials can be received as part of ancillary data that is received with a communication. Ancillary data is supplementary or auxiliary to the normal data. This brings up some points that are worth emphasizing here:
  • Credentials are received as part of ancillary data.
  • Ancillary data must accompany normal data (it cannot be transmitted on its own).
  • Ancillary data can also include other information such as file descriptors.
  • Ancillary data can include multiple ancillary items together (such as credentials and file descriptors at the same time).
The credentials are provided by the Linux kernel. They are never provided by the client application; if they were, the client could lie about its identity. Because the kernel is trusted, the process that receives the credentials can trust them. As the list above notes, file descriptors are also transmitted and received as ancillary data. Before you can start writing socket code that uses these elements of ancillary data, however, you need to be introduced to some new programming concepts.
TIP
Ancillary data is referred to by several different terms. Other names for ancillary data include auxiliary or control data. In the context of PF_LOCAL/PF_UNIX sockets, these all refer to the same thing.
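As an added example (not code from the original post or from the book it excerpts), here is a small Linux C program that exercises both halves of what is described above: a sender attaches an SCM_CREDENTIALS item to one byte of normal data with sendmsg(), and the receiver, which has enabled SO_PASSCRED, pulls the struct ucred back out of the control buffer with the CMSG_* macros. A second routine sends a struct ucred that claims a uid the process does not hold; for an unprivileged sender the kernel refuses the sendmsg() call with EPERM (or EINVAL if that uid is not mapped in the caller's user namespace), which is exactly the point that the credentials come from the kernel and not from the client. The use of socketpair(), the _GNU_SOURCE define and all function names are this example's own choices.

```c
#define _GNU_SOURCE            /* needed for struct ucred on glibc (assumption: Linux/glibc) */
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>
#include <stdio.h>

/* Control buffer sized for exactly one SCM_CREDENTIALS item. */
union cred_cmsg {
    struct cmsghdr hdr;
    char buf[CMSG_SPACE(sizeof(struct ucred))];
};

/* Send one byte of normal data carrying an SCM_CREDENTIALS ancillary item.
   Ancillary data cannot travel alone, hence the one-byte payload.
   Returns 0 on success, -errno if sendmsg() fails. */
int send_with_creds(int fd, const struct ucred *cred) {
    char payload = 'x';
    struct iovec iov = { .iov_base = &payload, .iov_len = 1 };
    union cred_cmsg u;
    memset(&u, 0, sizeof u);
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    struct cmsghdr *cm = CMSG_FIRSTHDR(&msg);
    cm->cmsg_level = SOL_SOCKET;
    cm->cmsg_type  = SCM_CREDENTIALS;
    cm->cmsg_len   = CMSG_LEN(sizeof *cred);
    memcpy(CMSG_DATA(cm), cred, sizeof *cred);
    if (sendmsg(fd, &msg, 0) < 0)
        return -errno;
    return 0;
}

/* Receive one message and copy its SCM_CREDENTIALS item into *out.
   Returns 1 if credentials were present, 0 if not, -errno on error. */
int recv_creds(int fd, struct ucred *out) {
    char payload;
    struct iovec iov = { .iov_base = &payload, .iov_len = 1 };
    union cred_cmsg u;
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    if (recvmsg(fd, &msg, 0) < 0)
        return -errno;
    for (struct cmsghdr *cm = CMSG_FIRSTHDR(&msg); cm; cm = CMSG_NXTHDR(&msg, cm)) {
        if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_CREDENTIALS) {
            memcpy(out, CMSG_DATA(cm), sizeof *out);
            return 1;
        }
    }
    return 0;
}

/* Honest case: the receiving end enables SO_PASSCRED, the sending end states
   its real pid/uid/gid, and what arrives must match the kernel's view of us.
   Returns 0 on success, a small positive step number on failure. */
int demo_honest_creds(void) {
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return 1;
    int on = 1;
    if (setsockopt(sv[1], SOL_SOCKET, SO_PASSCRED, &on, sizeof on) < 0) return 2;
    struct ucred mine = { .pid = getpid(), .uid = getuid(), .gid = getgid() };
    if (send_with_creds(sv[0], &mine) != 0) return 3;
    struct ucred got;
    int r = recv_creds(sv[1], &got);
    close(sv[0]); close(sv[1]);
    if (r != 1) return 4;
    if (got.pid != getpid() || got.uid != getuid() || got.gid != getgid()) return 5;
    return 0;
}

/* Forged case: claim a uid this process does not hold. The kernel checks the
   supplied struct ucred against the caller's credentials, so an unprivileged
   sender gets -EPERM (or -EINVAL if the uid is unmapped in its user namespace).
   Only a process holding CAP_SETUID is allowed to pass a foreign uid. */
int demo_forged_uid(void) {
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return 1;
    struct ucred fake = { .pid = getpid(), .uid = getuid() + 1, .gid = getgid() };
    int r = send_with_creds(sv[0], &fake);
    close(sv[0]); close(sv[1]);
    return r;
}

int main(void) {
    printf("honest credentials round trip: %s\n", demo_honest_creds() == 0 ? "ok" : "FAILED");
    int r = demo_forged_uid();
    printf("forged uid: %s\n", r == 0 ? "accepted (privileged sender)" : strerror(-r));
    return 0;
}
```

Build with `cc -Wall -o creds creds.c` and run it as an ordinary user to see the forged message refused; run as root (or with CAP_SETUID) and the kernel accepts the foreign uid, because the check is against the sender's own privileges, not against a fixed policy.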
