Recent Linux has this commit: commit 16e5726269611b71c930054ffe9b858c1cea88eb Author: Eric Dumazet <eric.dumazet@gmail.com> Date: 2011-09-19 05:52:27 +0000 af_unix: dont send SCM_CREDENTIALS by default Since commit 7361c36c5224 (af_unix: Allow credentials to work across user and pid namespaces) af_unix performance dropped a lot. ... This patch includes SCM_CREDENTIALS information in a af_unix message/skb only if requested by the sender, [man 7 unix for details how to include ancillary data using sendmsg() system call] Note: This might break buggy applications that expected SCM_CREDENTIAL from an unaware write() system call, and receiver not using SO_PASSCRED socket option. If SOCK_PASSCRED is set on source or destination socket, we still include credentials for mere write() syscalls. so we need to do at least one of these: * teach the Python (Twisted) code to send ancillary data (probably somewhat difficult) * have Gabble enable SO_PASSCRED before telling the Tubes client about the socket, instead of enabling it just in time for the relevant read, and keep it enabled until the creds have been passed
Of course, using GLib for the credentials-passing would also be good (but we'll have to check that it doesn't have the same bug). I also spotted a related problem when receiving creds: we blindly assume that the CMSG_FIRSTHDR is of type (SOL_SOCKET, SCM_CREDENTIALS), rather than iterating through all cmsg headers.
I disabled the test for now with this commit: 8d7efad30c8633d6df4a0635eb7f78f2fa326e9a
-- GitLab Migration Automatic Message -- This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/telepathy/telepathy-gabble/issues/205.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.