- Name
-
share_with - Default
-
0 - Minimum
-
-1 - Maximum
-
SMAX - Scope
- per-stack
Set this option to allow a stack to be accessed by processes owned by another user. Set it to the
UID of a user that should be permitted to share this stack, or set it to
-1 to allow any user to share the stack. By default stacks are not
accessible by users other than root.
Processes invoked by root can access any stack. Setuid processes can only access stacks
created by the effective user, not the real user. This restriction can be relaxed by
setting the Onload kernel module option
allow_insecure_setuid_sharing=1.
Important: A user that is permitted to access a stack is able to: snoop on any data transmitted or received via the stack; inject or modify data transmitted or received via the stack; damage the stack and any sockets or connections in it; cause misbehavior and crashes in any application using the stack.