Moving the agent's socket to /var/run ?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Feb 24 03:18:29 CET 2016
On Tue 2016-02-23 16:42:21 -0800, Kristian Fiskerstrand wrote:
> On 02/24/2016 12:15 AM, Bertrand Jacquin wrote:
>> abstract namespace were introduced with Linux. See man 7 unix.
> I'm asking because I'm not familiar with abstract sockets but. Ok, its
> implemented in Linux, but is it portable? is it POSIX?
The abstract socket namespace is a nonportable Linux extension.
What are the permissions on sockets? is each peer supposed to do its own
authorization on the basis of PEERCRED or something like that? I'm not
convinced this is a good idea.
> How would this work with socket forwarading over SSH for gpg-agent ?
i don't think that OpenSSH supports forwarding abstract sockets at all.
More information about the Gnupg-devel