socket -> UID

[Barry Margolin]

I've redirected followups to comp.protocols.tcp-ip, since this discussion
is no longer Unix-specific.
In article <20784 at stealth.acf.nyu.edu> brnstnd at stealth.acf.nyu.edu (Dan Bernstein) writes:
>In article <1990Jan15.053647.24388 at athena.mit.edu> jik at athena.mit.edu (Jonathan I. Kamens) writes:
>>   This can't be done.  An Internet domain socket doesn't have any UID or GID
>> information associated with it;
>It should. The Internet inherited that administrative flaw from the Arpanet.

No, it shouldn't.  UID's and GID's are inherently OS-specific; some systems
use numbers, some use character strings, and some may use arbitrarily
complex data structures.  Additionally, some protocols are not used between
user processes, but between systems in general (what UID should be
associated with ICMP datagrams?  what's the UID on a terminal
concentrator?).

The primary purpose of transport protocols such as TCP is to make a single
physical link appear to be multiple links (i.e. multiplexing).  Since
simple links don't pass user identity along, multiplexed links don't need
to, either.  Application protocols should be independent of the mechanism
used to establish the link; if they need to know user identities, then
they'll need to pass it themselves when used over simple links, so it would
be redundant to have the multiplexing protocol pass it as well.

--
Barry Margolin, Thinking Machines Corp.

barmar at think.com
{uunet,harvard}!think!barmar