I’ve added functionality which complements the pipe notification support.
Now it is possible to inquire as to the remote process ID, user ID, group
ID, and (for Solaris / illumos only) even zone ID.
These are exposed via new properties. Obviously we can’t support all of
them everywhere (user IDs and group IDs only really make sense on POSIX
style systems for example), but for a substantial percentage of real-world
systems we have them.
Docs are included. See nng_ipc.7.
This should make building secure systems that need to cross permission
boundaries (e.g. a minimized agent that needs to run as root, and should
only be trusted by a server if it can be proven that the remote agent is in
fact the super user) much easier. (For example, you can simply reject a
pipe in the pipe callback if the peer credentials are not acceptable.)
Enjoy!
- Garrett
