Moving the agent's socket to /var/run ?

Daniel Kahn Gillmor dkg at
Wed Feb 24 03:18:29 CET 2016

On Tue 2016-02-23 16:42:21 -0800, Kristian Fiskerstrand wrote:
> On 02/24/2016 12:15 AM, Bertrand Jacquin wrote:
>> abstract namespace were introduced with Linux. See man 7 unix.
> I'm asking because I'm not familiar with abstract sockets but. Ok, its
> implemented in Linux, but is it portable? is it POSIX?

from unix(7):

    The abstract socket  namespace is a nonportable Linux extension.

What are the permissions on sockets? is each peer supposed to do its own
authorization on the basis of PEERCRED or something like that?  I'm not
convinced this is a good idea.

> How would this work with socket forwarading over SSH for gpg-agent ?

i don't think that OpenSSH supports forwarding abstract sockets at all.


More information about the Gnupg-devel mailing list