Access to IPC objects
IPC objects are created, deleted, and accessed via several system calls that are discussed in the Trusted AIX® Programming topic. Typical users do not perform these operations. This topic presents a general overview of the rules for the creation, deletion, and access of IPC objects.
To access an IPC object, a process must pass DAC, MIC, and MAC access checks.
DAC access checks are based on the mode bits (owner, group, or world) of the object and on the user and group IDs of the process. A process has DAC owner access to an IPC object if its effective UID matches either the object owner UID or the object creator UID. DAC group access is decided the same way: the process effective GID is compared with the object group GID and the object creator GID.
MAC access is based on the sensitivity labels (SLs) of the process and the object. MIC access is based on the integrity labels (TLs) of the process and the object.
Access rules for IPC object contents are the same as for IPC object attributes. To read either the contents or the attributes of an IPC object, DAC READ, MIC READ, and MAC READ access are all required. To write to an IPC object, DAC WRITE, MIC WRITE, and MAC WRITE access are all required.
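The DAC part of the rule above, as an added example that is not from the Trusted AIX documentation: a C program that creates a private shared memory segment, reads its struct ipc_perm with shmctl(IPC_STAT), and evaluates DAC OWNER, DAC group, and DAC READ/WRITE access the way the text describes (effective UID against the owner and creator UIDs, effective GID against the group and creator GIDs, then the matching owner, group, or world mode bits). The SL and TL comparisons that MAC and MIC add are not defined on this page, so ipc_access() takes their outcomes as inputs. The helper names and the owner-before-group-before-world selection of mode bits are this example's own choices; it builds on Linux as well as on AIX.

```c
/* Added example (not part of the Trusted AIX documentation): the DAC half
 * of the IPC access check, evaluated against the struct ipc_perm that
 * shmctl(IPC_STAT) returns. The MAC/MIC label checks are assumed to be
 * computed elsewhere and are passed in as booleans. */
#include <stdio.h>
#include <stdbool.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/ipc.h>
#include <sys/shm.h>

/* Requested access, using the read/write bit values of a mode triplet. */
enum { IPC_WANT_READ = 4, IPC_WANT_WRITE = 2 };

/* DAC OWNER: the effective UID equals the object's owner UID or creator UID. */
bool dac_owner(const struct ipc_perm *p, uid_t euid)
{
    return euid == p->uid || euid == p->cuid;
}

/* DAC group access: the same rule applied to the effective GID against the
 * object's group GID or creator GID. */
bool dac_group(const struct ipc_perm *p, gid_t egid)
{
    return egid == p->gid || egid == p->cgid;
}

/* DAC READ / DAC WRITE: select the owner, group, or world triplet of mode
 * bits (owner match first, then group match, then world; an assumption of
 * this example, matching the usual System V IPC behaviour) and require
 * every requested bit to be present. */
bool dac_access(const struct ipc_perm *p, uid_t euid, gid_t egid, int want)
{
    unsigned mode = p->mode & 0777;
    unsigned granted;

    if (dac_owner(p, euid))
        granted = (mode >> 6) & 07;
    else if (dac_group(p, egid))
        granted = (mode >> 3) & 07;
    else
        granted = mode & 07;
    return (granted & want) == want;
}

/* The full rule from the text: DAC, MIC, and MAC must all pass. The SL and
 * TL comparisons are not defined on this page, so their results are inputs. */
bool ipc_access(const struct ipc_perm *p, uid_t euid, gid_t egid, int want,
                bool mic_ok, bool mac_ok)
{
    return dac_access(p, euid, egid, want) && mic_ok && mac_ok;
}

int main(void)
{
    /* Create a private segment with mode 0640 and read back its ipc_perm. */
    int id = shmget(IPC_PRIVATE, 4096, IPC_CREAT | 0640);
    struct shmid_ds ds;

    if (id < 0 || shmctl(id, IPC_STAT, &ds) < 0) {
        perror("shmget/shmctl");
        return 1;
    }
    printf("owner uid %u, creator uid %u, gid %u, creator gid %u, mode %04o\n",
           (unsigned)ds.shm_perm.uid, (unsigned)ds.shm_perm.cuid,
           (unsigned)ds.shm_perm.gid, (unsigned)ds.shm_perm.cgid,
           (unsigned)(ds.shm_perm.mode & 0777));
    printf("DAC OWNER for this process: %s\n",
           dac_owner(&ds.shm_perm, geteuid()) ? "yes" : "no");
    printf("DAC WRITE for this process:  %s\n",
           dac_access(&ds.shm_perm, geteuid(), getegid(), IPC_WANT_WRITE)
               ? "yes" : "no");
    /* An unrelated uid/gid pair (constructed) falls through to the world bits. */
    printf("DAC READ for uid 65534/gid 65534: %s\n",
           dac_access(&ds.shm_perm, 65534, 65534, IPC_WANT_READ) ? "yes" : "no");
    shmctl(id, IPC_RMID, NULL);
    return 0;
}
```

Note that the creator UID is fixed at creation time and is never changed by a later IPC_SET, so a process that created an object and then gave it away still passes the DAC OWNER test; that is why the text lists both the owner UID and the creator UID.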
To change the DAC attributes (owner, group, or mode) of an IPC object, a process must have DAC OWNER and MAC WRITE access to the object.

To change the SL of an IPC object, the process must have all of the following:
- the PV_SL_PROC privilege
- DAC OWNER access (downgrade only)
- DAC WRITE access
- MAC WRITE access
- MIC WRITE access
- the PV_SL_UG privilege to upgrade the SL, or the PV_SL_DG privilege to downgrade it
- the PV_MAC_CL privilege if the existing SL or the new SL is outside the clearance of the process

To change the TL of an IPC object, the process must have all of the following:
- the PV_TL privilege
- DAC OWNER access
- MAC WRITE access
- MIC WRITE access
Additionally, to lock or unlock a shared memory segment in memory (the SHM_LOCK and SHM_UNLOCK commands of the shmctl subroutine), a process must have the PV_KER_IPC_O privilege. A process also requires the PV_KER_IPC privilege to change the msg_qbytes value of a message queue with the msgctl subroutine.