Access control to shared memory
You cannot use groups to do this, because it isn't possible to add supplementary groups to an already-running process. However, the user-based mechanism will work fine.
Run each process under its own uid. To create a shared memory channel, the sending side creates a shared memory object with shm_open(), specifying O_RDWR | O_CREAT | O_EXCL and mode 0600. Thus it is the only process with it open, and only its uid is allowed to open it. The sending side then opens a second file descriptor for the same shared memory segment, this time using O_RDONLY. It sends this second, read-only file descriptor to the receiving process, using a SCM_RIGHTS message over a unix domain socket. It can then close the read-only file descriptor.
The sending process and receiving process then mmap() the shared memory. The receiving process has read-only access, and does not have the rights to upgrade it to read-write. No other processes can open it at all.
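Added example (not code from the answer above): a C program that carries out the handoff the answer describes, with fork() and socketpair() standing in for the two separately started processes. Because both halves therefore run under the same uid, the uid-based part of the scheme is not exercised here; what the program checks is the descriptor-level part: the receiver can read through its O_RDONLY descriptor, cannot mmap() it PROT_WRITE with MAP_SHARED (the kernel refuses with EACCES), and cannot mprotect() the read-only mapping to add PROT_WRITE. The segment name /shm-readonly-demo, its size and the payload string are arbitrary choices for the demo. The shm_unlink() after the second open is an added caveat, not something the answer states: once both descriptors exist, unlinking the name means nothing can shm_open() it again, including another process running as the sender's uid, while existing mappings stay valid.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Assumed values for the demo: any unique segment name and payload would do. */
#define SHM_NAME "/shm-readonly-demo"
#define SHM_SIZE 4096
#define SECRET   "hello from the sender"

/* Pass one descriptor over a unix-domain socket as an SCM_RIGHTS message. */
static int send_fd(int sock, int fd)
{
    char byte = 'F', cbuf[CMSG_SPACE(sizeof(int))] = { 0 };
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = cbuf, .msg_controllen = sizeof cbuf };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof(int));
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

/* Receive a descriptor sent with send_fd(); the kernel installs a copy in our table. */
static int recv_fd(int sock)
{
    char byte, cbuf[CMSG_SPACE(sizeof(int))];
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = cbuf, .msg_controllen = sizeof cbuf };
    if (recvmsg(sock, &msg, 0) != 1) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (!c || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS) return -1;
    int fd; memcpy(&fd, CMSG_DATA(c), sizeof fd);
    return fd;
}

/* Receiving process: map read-only, read the payload, then prove the descriptor
   cannot be turned into write access. Returns 0, or a positive code per failed check. */
static int receiver(int sock)
{
    int fd = recv_fd(sock);
    if (fd < 0) return 1;
    char *ro = mmap(NULL, SHM_SIZE, PROT_READ, MAP_SHARED, fd, 0);
    if (ro == MAP_FAILED) return 2;
    if (strcmp(ro, SECRET) != 0) return 3;
    /* A writable MAP_SHARED mapping of an O_RDONLY descriptor is refused with EACCES. */
    void *rw = mmap(NULL, SHM_SIZE, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    if (rw != MAP_FAILED || errno != EACCES) return 4;
    /* Nor can mprotect() add PROT_WRITE to the existing read-only shared mapping. */
    if (mprotect(ro, SHM_SIZE, PROT_READ | PROT_WRITE) == 0) return 5;
    munmap(ro, SHM_SIZE); close(fd);
    return 0;
}

/* Sending process: create the segment 0600 with O_EXCL, write into it, and hand the
   receiver a second, read-only descriptor. Returns 0, or a negative code on failure. */
static int sender(int sock)
{
    shm_unlink(SHM_NAME);            /* drop leftovers from an aborted run so O_EXCL succeeds */
    int rw = shm_open(SHM_NAME, O_RDWR | O_CREAT | O_EXCL, 0600);
    if (rw < 0) return -1;
    if (ftruncate(rw, SHM_SIZE) < 0) return -2;
    char *map = mmap(NULL, SHM_SIZE, PROT_READ | PROT_WRITE, MAP_SHARED, rw, 0);
    if (map == MAP_FAILED) return -3;
    strcpy(map, SECRET);
    int ro = shm_open(SHM_NAME, O_RDONLY, 0);   /* second descriptor, read-only */
    if (ro < 0) return -4;
    /* Added caveat: with both descriptors open, unlink the name so nothing, not even
       another process of our own uid, can shm_open() it again. Mappings stay valid. */
    shm_unlink(SHM_NAME);
    if (send_fd(sock, ro) < 0) return -5;
    close(ro);                       /* the receiver now holds its own copy */
    munmap(map, SHM_SIZE); close(rw);
    return 0;
}

/* Wire the two sides together with socketpair() and fork(); both run under one uid, so
   only the descriptor-level restrictions are exercised. Returns 0 if every check passed. */
int run_demo(void)
{
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -100;
    pid_t pid = fork();
    if (pid < 0) return -101;
    if (pid == 0) {                  /* child: the receiving process */
        close(sv[0]);
        _exit(receiver(sv[1]));
    }
    close(sv[1]);
    int rc = sender(sv[0]);
    int status = 0; waitpid(pid, &status, 0);
    close(sv[0]);
    if (rc != 0) return rc;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -102;
}
```

run_demo() returns 0 only when every check on both sides passed, and a distinct code otherwise so a failure can be attributed to a step. On glibc older than 2.34, link with -lrt for shm_open(); the program also needs a mounted POSIX shared-memory namespace (/dev/shm on Linux).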