From owner-cvs-src@FreeBSD.ORG Wed Nov 14 11:52:45 2007 Return-Path: Delivered-To: cvs-src@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 553BB16A41B; Wed, 14 Nov 2007 11:52:45 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 2D24A13C478; Wed, 14 Nov 2007 11:52:45 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id lAEBqjAE057091; Wed, 14 Nov 2007 11:52:45 GMT (envelope-from bz@repoman.freebsd.org) Received: (from bz@localhost) by repoman.freebsd.org (8.14.1/8.14.1/Submit) id lAEBqjCN057090; Wed, 14 Nov 2007 11:52:45 GMT (envelope-from bz) Message-Id: <200711141152.lAEBqjCN057090@repoman.freebsd.org> From: "Bjoern A. Zeeb" Date: Wed, 14 Nov 2007 11:52:44 +0000 (UTC) To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org X-FreeBSD-CVS-Branch: RELENG_7 Cc: Subject: cvs commit: src/sys/netipsec keysock.c X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Nov 2007 11:52:45 -0000 bz 2007-11-14 11:52:44 UTC FreeBSD src repository Modified files: (Branch: RELENG_7) sys/netipsec keysock.c Log: MFC: rev 1.19 sys/netipsec/keysock.c Add a missing priv check in key_attach to prevent non-su users from messing with the spdb and sadb. Problem sneaked in with the fast_ipsec+v6->ipsec merger by no longer going via raw_usrreqs.pr_attach. Approved by: re (kensmith) Revision Changes Path 1.18.2.1 +7 -0 src/sys/netipsec/keysock.c