Bug 180468 - LOCAL_PEERCRED support for PF_INET
Summary: LOCAL_PEERCRED support for PF_INET
Status: Closed Overcome By Events
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 9.1-RELEASE
Hardware: Any Any
: Normal Affects Only Me
Assignee: Bugmeister
URL:
Keywords: feature
Depends on:
Blocks:
 
Reported: 2013-07-11 15:10 UTC by Nicholas Wilson
Modified: 2025-03-20 10:23 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Nicholas Wilson 2013-07-11 15:10:00 UTC
It would be very nice if inet connections over loopback supported LOCAL_PEERCRED. On Solaris, when you make a connection over a loopback device, getpeerucred "just works" and gives you the pid and uid of the connecting process on the local system.

This could be used to easily enhance the security of programs like OpenSSH: the ssh-agent uses a domain socket with getpeereid to verify the identity of connecting users, but if I run "ssh -D localhost:9999 ..." it runs an inet listener that any user can connect to. Being able to use the same credentials check here would be handy and plug a gap in our API.
Comment 1 Mark Linimon freebsd_committer freebsd_triage 2013-07-11 16:47:12 UTC
State Changed
From-To: open->suspended

Feature request.  Mark as suspended awaiting someone to create patches. 


Comment 2 Mark Linimon freebsd_committer freebsd_triage 2013-07-11 16:47:12 UTC
Responsible Changed
From-To: freebsd-bugs->freebsd-net
Comment 3 Eitan Adler freebsd_committer freebsd_triage 2018-05-28 19:41:27 UTC
batch change:

For bugs that match the following
-  Status Is In progress 
AND
- Untouched since 2018-01-01.
AND
- Affects Base System OR Documentation

DO:

Reset to open status.


Note:
I did a quick pass but if you are getting this email it might be worthwhile to double check to see if this bug ought to be closed.
Comment 4 Mark Linimon freebsd_committer freebsd_triage 2025-01-25 07:29:09 UTC
^Triage: to submitter: is this aging PR still relevant?
Comment 5 Nicholas Wilson 2025-01-25 14:25:36 UTC
No, I do not require this anymore.

It would be nice to have, in theory, since someone might find a use for it (and for parity with Solaris), but our application has moved in the last 11 years and I don't have any immediate use of it myself.

Feel free to close as "won't fix".
Comment 6 Mark Linimon freebsd_committer freebsd_triage 2025-03-20 10:23:30 UTC
^Triage: apparently this is EWONTFIX.