d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add a comment above rip_ctloutput() documenting that the privilege

Browse Source 
check for raw IP system management operations is often (although
not always) implicit due to the namespacing of raw IP sockets.  I.e.,
you have to have privilege to get a raw IP socket, so much of the
management code sitting on raw IP sockets assumes that any requests
on the socket should be granted privilege.

Obtained from:	TrustedBSD Project
Product of:	France
This commit is contained in:
Robert Watson 2003-07-18 16:10:36 +00:00
parent 8522511b2a
commit 83503a9227
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
sys/netinet/raw_ip.c
View File

@ -328,6 +328,16 @@ rip_output(m, so, dst)
/*
* Raw IP socket option processing.
*
* Note that access to all of the IP administrative functions here is
* implicitly protected by suser() as gaining access to a raw socket
* requires either that the thread pass a suser() check, or that it be
* passed a raw socket by another thread that has passed a suser() check.
* If FreeBSD moves to a more fine-grained access control mechanism,
* additional checks will need to be placed here if the raw IP attachment
* check is not equivilent the the check required for these
* administrative operations; in some cases, these checks are already
* present.
*/
int
rip_ctloutput(so, sopt)