porting CCAPI to UNIX

Nicolas Williams Nicolas.Williams at sun.com
Tue May 8 11:37:25 EDT 2007

On Wed, May 02, 2007 at 06:25:09PM -0400, Ken Hornstein wrote:
> I can only tell you what I did.  At login time our credential cache
> code creates a Unix domain socket (using socketpair()), uses dup2()
> to make the descriptor the maximum value possible (you look at the
> maximum number of descriptors available via getrlimit()) and use
> setrlimit to make the maximum descriptor one below that.  E.g, say
> the maximum descriptor value is 1023; you use dup2() to make your
> communication descriptor 1023, and use setrlimit() to make the
> maximum descriptor value 1022.  This doesn't _prevent_ processes
> from closing the descriptor, but in my experience they all stop
> closing descriptors at the maximum descriptor limit.  So all processes
> that are children of login get this descriptor in their environment
> and they use it to communicate with a credential cache server that
> is forked off as part of the login process (it's more complicated
> than that, but that's the key bit of magic).  This provides
> per-login-session semantics that seems to be pretty secure (of
> course it is not perfect).
> I've been using this in production for ... oh, almost three years
> now, on a wide variety of Unixes (off the top of my head: tons of
> different Linuxes, Solaris, AIX, HP/UX, Irix; it works fine on MacOS
> X but we prefer the CCAPI on that platform), and I am continually
> surprised how well it works.  We haven't had any problems with it.
> I admit that it's gross ... but if you can tell me of a portable
> solution that has the same semantics, I would love to hear about
> it.

Watch out:  closefrom(3C) on Solaris uses fdwalk(3C), which readdirs
/proc/self/fd/ to find open file descriptors.  I.e., lowering the fildes
limits does not protect file descriptors > the fildes limit against


Also, how do you track which fildes is the magic fildes?  Do you just
add 1 to the fildes limit?


More information about the krbdev mailing list