The socket that effects singleton instances is a public socket that anyone
can connect to, and it's even publicly registered. Some minimum security
may be implemented by invoking
validate_peer(), which verifies that the
connected peer is the same application that invoked
validate_peer().
x::singletonapp::validate_peer(connection);
validate_peer() is typically invoked:
After x::singletonapp::create() returns,
using the socket file descriptor from the constructed
instance.
In a single singleton thread's run() method,
which receives a connection socket object for its starting
argument.
validate_peer() takes the following actions:
Make the socket temporarily non-blocking.
Send the process's system credentials, its userid, group id, and
process id, and wait up to 30 seconds for the peer to reciprocate
in turn.
The peer is also expected to invoke
validate_peer() on the
peer's side, to do the same.
A sanity check that the other process is running the same executable binary that this process is running.
Return the socket to a blocking state.
An exception gets thrown if the peer does not respond in 30 seconds or if it fails validation for any reason.
validate_peer() advertises the process's
executable pathname via the
portmapper.