sssd.git/src/tests/responder_socket_access-tests.c, branch simo Unnamed repository; edit this file to name it for gitweb. Include talloc log in our debug facility 2012-10-29T16:15:37+00:00 Michal Zidek mzidek@redhat.com 2012-10-15T13:24:15+00:00 9e2c64c6d4f5560e27207193efea6536a566865e https://fedorahosted.org/sssd/ticket/1495 
https://fedorahosted.org/sssd/ticket/1495
pac responder: limit access by checking UIDs 2012-07-10T13:07:26+00:00 Sumit Bose sbose@redhat.com 2012-07-05T08:50:08+00:00 2d257ccf620ce1b611f89cec8f0a94c88c2f2881 A check for allowed UIDs is added in the common responder code directly after accept(). If the platform does not support reading the UID of the peer but allowed UIDs are configured, access is denied. Currently only the PAC responder sets the allowed UIDs for a socket. The default is that only root is allowed to access the socket of the PAC responder. Fixes: https://fedorahosted.org/sssd/ticket/1382 
A check for allowed UIDs is added in the common responder code directly
after accept(). If the platform does not support reading the UID of the
peer but allowed UIDs are configured, access is denied.

Currently only the PAC responder sets the allowed UIDs for a socket. The
default is that only root is allowed to access the socket of the PAC
responder.

Fixes: https://fedorahosted.org/sssd/ticket/1382