author: Michael Kerrisk <mtk.manpages@gmail.com> 2016-06-17 18:51:38 +0200
committer: Michael Kerrisk <mtk.manpages@gmail.com> 2016-06-20 14:08:22 +0200
commit: 00b78c5fdadd9b2ea69ac7e55b9ce09d2b80f54e
tree: c55ad27befe59ca23424be386aa9dc2aa4d20170 /man7/unix.7
parent: 7578ea2f85b272363d22680d69e7d32f0b59c83b
unix.7: Clarify ownership and permissions assigned during socket creation
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Diffstat (limited to 'man7/unix.7')
-rw-r--r-- man7/unix.7 44
1 files changed, 26 insertions, 18 deletions
diff --git a/man7/unix.7 b/man7/unix.7
index 5c9c1e89db..4595684c12 100644
--- a/man7/unix.7
+++ b/man7/unix.7
@@ -501,6 +501,26 @@ be used in portable programs.
(Some BSD-derived systems also support credential passing,
but the implementation details differ.)
.SH NOTES
+Binding to a socket with a filename creates a socket
+in the filesystem that must be deleted by the caller when it is no
+longer needed (using
+.BR unlink (2)).
+The usual UNIX close-behind semantics apply; the socket can be unlinked
+at any time and will be finally removed from the filesystem when the last
+reference to it is closed.
+
+To pass file descriptors or credentials over a
+.BR SOCK_STREAM ,
+you need
+to send or receive at least one byte of nonancillary data in the same
+.BR sendmsg (2)
+or
+.BR recvmsg (2)
+call.
+
+UNIX domain stream sockets do not support the notion of out-of-band data.
+.\"
+.SS Socket ownership and permissions
In the Linux implementation, sockets which are visible in the
filesystem honor the permissions of the directory they are in.
Creation of a new socket will fail if the process does not have write and
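Review bot: the relocated paragraph on passing file descriptors or credentials still reads "over a SOCK_STREAM, you need", which is missing its noun. Since the text is being moved anyway, make it "over a SOCK_STREAM socket, you need". The first moved sentence, "Binding to a socket with a filename", has the same kind of problem: it is the socket that is bound to a filename, and that bind is what creates the filesystem entry the caller later has to remove with unlink(2). Rewording it would make the cleanup obligation easier to follow.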
@@ -516,30 +536,18 @@ the socket permissions are ignored.
Portable programs should not rely on
this feature for security.
+When creating a new socket, the owner and group of the socket file
+are set according to the usual rules.
+The socket file has all permissions enabled,
+other than those that are turned off by the process
+.BR umask (2).
+
A socket's owner, group, and permissions can be changed (using
.BR chown (2)
and
.BR chmod (2)).
.\" However, fchown() and fchmod() do not seem to have an effect
-Binding to a socket with a filename creates a socket
-in the filesystem that must be deleted by the caller when it is no
-longer needed (using
-.BR unlink (2)).
-The usual UNIX close-behind semantics apply; the socket can be unlinked
-at any time and will be finally removed from the filesystem when the last
-reference to it is closed.
-
-To pass file descriptors or credentials over a
-.BR SOCK_STREAM ,
-you need
-to send or receive at least one byte of nonancillary data in the same
-.BR sendmsg (2)
-or
-.BR recvmsg (2)
-call.
-
-UNIX domain stream sockets do not support the notion of out-of-band data.
.\"
.SH BUGS
When binding a socket to an address,
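Review bot: "are set according to the usual rules" in the first added sentence does not say which rules, and this subsection is where a reader looks to work out who may connect to a socket. Either state the rule or cross-reference the page that defines ownership of newly created files. The following sentence could also say outright that, because the file is created with every permission the umask does not mask off, a process wanting a restricted socket has to set its umask before the bind that creates the file. The observation left in the roff comment, that fchown() and fchmod() do not seem to have an effect, is invisible in the rendered page; if it holds, it belongs in the visible text next to the chown(2)/chmod(2) sentence.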