Date: Thu, 30 Aug 2001 14:20:16 -0400 (EDT) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: Ruslan Ermilov <ru@FreeBSD.ORG> Cc: net@FreeBSD.ORG, security@FreeBSD.ORG Subject: Re: Proposed change to route(4) sockets to make them available to non-superuser Message-ID: <200108301820.f7UIKGZ66585@khavrinen.lcs.mit.edu> In-Reply-To: <20010830204132.A47482@sunbay.com> References: <20010830145840.A1554@sunbay.com> <200108301533.f7UFXYT64952@khavrinen.lcs.mit.edu> <20010830204132.A47482@sunbay.com>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Thu, 30 Aug 2001 20:41:32 +0300, Ruslan Ermilov <ru@FreeBSD.ORG> said: > + if (rtm->rtm_type != RTM_GET && so->so_cred->cr_uid != 0) > + senderr(EACCES); I'm certain rwatson would object to this. suser_xxx() allows checking on the basis of credentials rather than a process, so that's what should be used. In any case, the correct error is EPERM, not EACCES. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200108301820.f7UIKGZ66585>