On Tue, Mar 04, 2014 at 08:21:48AM +0100, Michael Haubenwallner wrote: > On 03/04/2014 04:21 AM, Noah Misch wrote: > > POSIX specifies EACCES as a "may fail" condition for connect() on an AF_UNIX > > socket; it is a "shall fail" condition for open(). I take this to mean > > that a > > conforming connect() implementation could ignore directory search > > permissions > > and/or the socket's own file mode. Indeed, a couple of decades ago, some > > systems did ignore the socket's own file mode: > > > > http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-1402 > > > > Do any porting targets of contemporary relevance still behave this way? If > > so, which OS versions are known affected? I have attached a test program > > that > > illustrates the exact behavior in question, which you can use to test your > > own > > system if curious. > > CVE tells Solaris 2.x: > Can't say for Solaris 2.11, but Solaris 2.10 (sparc & x86) here is affected.
Thanks. That's enough to justify coping with such behavior in new software.
