Hi Jorge, on Sat, 1 Feb 2003 09:54:34 -0300 (CLST) Jorge Arellano Cid <jcid@softhome.net> wrote:
The point is: testing it. Sadly I didn't received more than a single comment of its working. Now I'm asking again: please download the latest CVS, the bookmarks server, intall them, play with them, test and report how it works for you.
Everything compiled without problems on i686 GNU/Linux. I got one problem: the bm_srv12 displayed the following when it was attempted to open the bookmark page: bm_srv12: accepting connections... [accept]: Invalid argument checking why, I found the bug was that the accept() function was called with an uninitialized *addrlen (third) argument. According to the man page on GNU/Linux, "The addrlen argument is a value-result parameter: it should initially contain the size of the structure pointed to by addr; on return it will contain the actual length (in bytes) of the address returned. When addr is NULL nothing is filled in." So I made the following patch: --- bm_srv12.c Fri Jan 31 17:22:36 2003 +++ bm_srv12_modified.c Sat Feb 1 22:00:23 2003 @@ -1694,7 +1694,7 @@ int main (void) { struct sockaddr_un pun; int sock_descriptor; int temp_sock_descriptor; - int address_size; + int address_size = sizeof(struct sockaddr_un); char buf[16384]; int st, code; Concerning Unix sockets, I read on GNU/Linux' "man 7 unix", that many BSD derivatives do not guarantee the permissions, so anyone could read and modify the bookmarks of another user. That is, unless I missed something. " NOTES In the Linux implementation, sockets which are visible in the filesystem honour the permissions of the directory they are in. Their owner, group and their permissions can be changed. Creation of a new socket will fail if the process does not have write and search (execute) permis sion on the directory the socket is created in. Connect ing to the socket object requires read/write permission. This behavior differs from many BSD derived systems which ignore permissions for Unix sockets. Portable programs should not rely on this feature for security. " However, I do not have any suggestions here. Farvel (Danish: Farewell) -- Melvin Hadasht