diff options
| -rw-r--r-- | man/tip/nng_ipc.7.html | 45 | ||||
| -rw-r--r-- | man/tip/nngcat.1.html | 19 |
2 files changed, 64 insertions, 0 deletions
diff --git a/man/tip/nng_ipc.7.html b/man/tip/nng_ipc.7.html index dcb1630d..11f3e55f 100644 --- a/man/tip/nng_ipc.7.html +++ b/man/tip/nng_ipc.7.html @@ -632,6 +632,20 @@ The default is system-specific, most often <code>0644</code>.</p> </dd> </dl> </div> +<div class="admonitionblock important"> +<table> +<tr> +<td class="icon"> +<i class="fa icon-important" title="Important"></i> +</td> +<td class="content"> +Not all systems validate these permissions. +In particular, illumos and Solaris are known to ignore these permission +settings when connecting. +</td> +</tr> +</table> +</div> <div class="admonitionblock note"> <table> <tr> @@ -658,6 +672,37 @@ The <em>umask</em> of the process is <strong>not</strong> applied to these bits. </tr> </table> </div> +<div class="admonitionblock tip"> +<table> +<tr> +<td class="icon"> +<i class="fa icon-tip" title="Tip"></i> +</td> +<td class="content"> +The best practice for limiting access is to place the socket in a +directory writable only by the server, and only readable and searchable +by clients. +All mainstream POSIX systems will fail to permit a client to connect +to a socket located in a diretor for which the client lacks search (execute) +permission. +</td> +</tr> +</table> +</div> +<div class="admonitionblock tip"> +<table> +<tr> +<td class="icon"> +<i class="fa icon-tip" title="Tip"></i> +</td> +<td class="content"> +Also consider using the <code>NNG_OPT_IPC_PEER_UID</code> property from within a +a pipe notification callback (<code><a href="nng_pipe_notify.3.html">nng_pipe_notify()</a></code>) +to validate peer credentials. +</td> +</tr> +</table> +</div> <div class="dlist"> <dl> <dt class="hdlist1"><code>NNG_OPT_IPC_SECURITY_DESCRIPTOR</code></dt> diff --git a/man/tip/nngcat.1.html b/man/tip/nngcat.1.html index 3a763794..e6dc7946 100644 --- a/man/tip/nngcat.1.html +++ b/man/tip/nngcat.1.html @@ -632,6 +632,18 @@ of messages received, and messages are discarded if they do not match. This may be specified multiple times to subscribe to multiple topics. If not specified at all, then a default subscription to everything is assumed.</p> </dd> +<dt class="hdlist1"><strong>--count=</strong>=<em>COUNT</em></dt> +<dd> +<p>Limit the number of iterations when looping to <em>COUNT</em> iterations. +For protocols that only send, this will only send <em>COUNT</em> messages before +exiting. +For protocols that only receive, this will only receive <em>COUNT</em> messages +before exiting. +For protocols that involve a full exchange, this will only perform <em>COUNT</em> +exchanges (each exchange is characterized by at most a single send, and +one or more receives.) +If <em>COUNT</em> is zero, then an infinite number of iterations is performed.</p> +</dd> </dl> </div> </div> @@ -857,6 +869,13 @@ Messages are emitted as <a href="https://msgpack.org">MessagePack</a> "bin forma <p>Give up receiving messages after <em>SEC</em> seconds pass without any received messages.</p> </dd> +<dt class="hdlist1"><strong>--recv-maxsz</strong>=<em>COUNT</em></dt> +<dd> +<p>Set the maximum message size socket will accept to <em>COUNT</em> bytes. +Messages larger than this will be discarded. +The default is 1048576 (1 MB). +To eliminate any restriction, use 0.</p> +</dd> </dl> </div> </div> |