barmar@think.com (Barry Margolin) (01/18/90)
I've redirected followups to comp.protocols.tcp-ip, since this discussion is no longer Unix-specific.

In article <20784@stealth.acf.nyu.edu> brnstnd@stealth.acf.nyu.edu (Dan Bernstein) writes:
>In article <1990Jan15.053647.24388@athena.mit.edu> jik@athena.mit.edu (Jonathan I. Kamens) writes:
>> This can't be done. An Internet domain socket doesn't have any UID or GID
>> information associated with it;
>It should. The Internet inherited that administrative flaw from the Arpanet.

No, it shouldn't. UID's and GID's are inherently OS-specific; some systems use numbers, some use character strings, and some may use arbitrarily complex data structures. Additionally, some protocols are not used between user processes, but between systems in general (what UID should be associated with ICMP datagrams? what's the UID on a terminal concentrator?).

The primary purpose of transport protocols such as TCP is to make a single physical link appear to be multiple links (i.e. multiplexing). Since simple links don't pass user identity along, multiplexed links don't need to, either. Application protocols should be independent of the mechanism used to establish the link; if they need to know user identities, then they'll need to pass it themselves when used over simple links, so it would be redundant to have the multiplexing protocol pass it as well.

--
Barry Margolin, Thinking Machines Corp.
barmar@think.com
{uunet,harvard}!think!barmar