When a special message is sent with regular data through a unix domain socket, it is possible to transfer only one special message at a time (credentials or file descriptors), but not possible to send both; there is the CMSG_NXTHDR macro to get the next special message.

Fix: There is a very ugly patch (it can lead to an fd-leak). The patch assumes sizeof(int) == sizeof(struct file *), which in general is not right.

How-To-Repeat: Simple code that allows not using setuids at all is located here: http://pm.kmost.express.ru/~pm/nosuid.tgz
Without the patch it will not work under FreeBSD, but it will work under Linux if the CMSG_NXTHDR macro from FreeBSD is used.
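
The CMSG_NXTHDR usage the report refers to, as an added example that is not code from this PR or from either linked archive: a sender packs two control messages into one sendmsg() call and a receiver walks every control message it gets. It assumes two SCM_RIGHTS messages rather than the credentials-plus-descriptor pair in the report, because the credential message type differs between systems; the function names are hypothetical.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <unistd.h>

/* Sender: one data byte plus two control messages; buf is zeroed because some libcs read the next header. */
static int send_two_fds(int sock, int fd_a, int fd_b)
{
    union { char buf[2 * CMSG_SPACE(sizeof(int))]; struct cmsghdr align; } u = { { 0 } };
    int fds[2] = { fd_a, fd_b }, i = 0;
    char byte = 'x';
    struct iovec iov = { &byte, 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    for (struct cmsghdr *c = CMSG_FIRSTHDR(&msg); c && i < 2; c = CMSG_NXTHDR(&msg, c), i++) {
        c->cmsg_level = SOL_SOCKET;
        c->cmsg_type = SCM_RIGHTS;
        c->cmsg_len = CMSG_LEN(sizeof(int));
        memcpy(CMSG_DATA(c), &fds[i], sizeof(int));
    }
    return (i == 2 && sendmsg(sock, &msg, 0) == 1) ? 0 : -1;
}

/* Receiver: walk every control message; keep up to max fds, close extras. */
static int recv_fds(int sock, int *out, int max)
{
    union { char buf[4 * CMSG_SPACE(sizeof(int))]; struct cmsghdr align; } u;
    char byte;
    struct iovec iov = { &byte, 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    int n = 0, fd;
    if (recvmsg(sock, &msg, 0) != 1) return -1;
    for (struct cmsghdr *c = CMSG_FIRSTHDR(&msg); c; c = CMSG_NXTHDR(&msg, c)) {
        if (c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS) continue;
        for (size_t k = 0; CMSG_LEN((k + 1) * sizeof(int)) <= c->cmsg_len; k++) {
            memcpy(&fd, CMSG_DATA(c) + k * sizeof(int), sizeof fd);
            if (n < max) out[n++] = fd; else close(fd);
        }
    }
    /* Truncated control data: drop what was kept instead of leaking it. */
    if (msg.msg_flags & MSG_CTRUNC) { while (n > 0) close(out[--n]); return -1; }
    return n;
}

int main(void)
{
    int sv[2], p[2], got[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) || pipe(p)) return 1;
    return send_two_fds(sv[0], p[0], p[1]) || recv_fds(sv[1], got, 2) != 2;
}
```

A kernel may deliver the two descriptors as one merged SCM_RIGHTS message or as two separate ones; the receiver loop handles both layouts.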

Responsible Changed From-To: freebsd-bugs->dwmalone

I have a large patch set in this area. Maybe you could take a look at it for me and see what you think. It also aims to clean up several other problems with control messages and unix domain sockets. You can find the patch and a short message explaining it at:

fetch http://www.maths.tcd.ie/~dwmalone/unix-domain-patch

Any feedback is welcome.

State Changed From-To: open->closed

This has been fixed in -current and is unlikely to be fixed in -stable this late in its lifetime.