Date: Fri, 9 Jan 2009 13:08:49 +0000 (UTC) From: "Bjoern A. Zeeb" <bz@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r186948 - in head/sys: netinet netinet6 Message-ID: <20090109130811.E45399@maildrop.int.zabbadoz.net> In-Reply-To: <200901091306.n09D6vcB057544@svn.freebsd.org> References: <200901091306.n09D6vcB057544@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 9 Jan 2009, Bjoern A. Zeeb wrote: > Author: bz > Date: Fri Jan 9 13:06:56 2009 > New Revision: 186948 > URL: http://svn.freebsd.org/changeset/base/186948 > > Log: > Make SIOCGIFADDR and related, as well as SIOCGIFADDR_IN6 and related > jail-aware. Up to now we returned the first address of the interface > for SIOCGIFADDR w/o an ifr_addr in the query. This caused problems for > programs querying for an address but running inside a jail, as the > address returned usually did not belong to the jail. One of the programs hitting this is Samba btw. > Like for v6, if there was an ifr_addr given on v4, you could probe > for more addresses on the interfaces that you were not allowed to see > from inside a jail. Return an error (EADDRNOTAVAIL) in that case > now unless the address is on the given interface and valid for the > jail. > > PR: kern/114325 > Reviewed by: rwatson > MFC after: 4 weeks > > Modified: > head/sys/netinet/in.c > head/sys/netinet6/in6.c -- Bjoern A. Zeeb The greatest risk is not taking one.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090109130811.E45399>