HPE Community
Operating System - HP-UX
1833527 Members
3277 Online
110061 Solutions
New Discussion

Any way to secure the socket FD

 
Sumanth N
Occasional Advisor

‎11-23-2005 11:27 PM

‎11-23-2005 11:27 PM

Any way to secure the socket FD

Hello,
I have a Listening socket on port 2345. Is there any way that to set permissions to Socket FD so that only root process can read/write through it.

or any other ways to secure the FD?
Thanks,
Sumanth
0 Kudos
Reply
2 REPLIES 2
Kiran Kumar M
Advisor

‎11-28-2005 02:47 AM

‎11-28-2005 02:47 AM

Re: Any way to secure the socket FD

I don't think this is possible. It may be be possible if you are using local sockets where you can create physical socket descriptors.
0 Kudos
Reply
rick jones
Honored Contributor

‎11-28-2005 05:35 AM

‎11-28-2005 05:35 AM

Re: Any way to secure the socket FD

Are you trying to limit access to the _port number_ to just root, or to the actual file descriptor that is the socket in the context of a particular process?

IIRC, no other process (at least no other process not forked from this one) can access that particular FD.

As for the _port number_ well, above 1024 those are first-come, first served. Now, if you are the first, and do not happen to set SO_REUSEADDR or SO_REUSEPORT then no other application will be able to bind() to that port number. Particularly if your application happens to have called bind() with that port number and the various IP addresses on the system. (Not just INADDR_ANY)
there is no rest for the wicked yet the virtuous have no pillows
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.