[Info-vax] Apache + mod_php performance
Dan Cross
cross at spitfire.i.gajendra.net
Fri Oct 11 13:45:30 EDT 2024
In article <vebjse$3nq13$1 at dont-email.me>,
Dave Froble <davef at tsoft-inc.com> wrote:
>On 10/11/2024 9:30 AM, Dan Cross wrote:
>>[snip]
>> As I gather, on VMS the analogous mechanism works since a) every
>> socket on the system is associated with a unique device name in
>> some global namespace, and b) once known, an unrelated process
>> can $ASSIGN that device name, subject to authorization checking
>> enforced by the system. The authorization checks seem to be
>> either, a) a process/subprocess relationship, or b) the
>> assigning process has the SHARE privilege; it's not clear to me
>> what else could go into those checks and how that interacts with
>> e.g. SO_SHARE; presumably at least UIC checks or something must
>> be completed?
>
>The share flag is for the device.
Ok, sure. But does that mean that there's _no_ authorization
checking of any kind to access the device? For example, no
checking UICs or ACLs or something? If I set SO_SHARE on a
socket, can _any_ process on the system, regardless of who it is
running as, access that socket?
- Dan C.
More information about the Info-vax
mailing list