Date: Tue, 5 Jul 2005 11:57:05 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 79598 for review Message-ID: <200507051157.j65Bv53H076517@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=79598 Change 79598 by rwatson@rwatson_paprika on 2005/07/05 11:56:13 Use CAP_NET_ADMIN instead of suser() for configuring 802.11, both in the net80211 code, and also in the older wireless drivers that implement parts of 802.11 themselves. Affected files ... .. //depot/projects/trustedbsd/sebsd/sys/dev/if_ndis/if_ndis.c#6 edit .. //depot/projects/trustedbsd/sebsd/sys/dev/owi/if_owi.c#7 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/sys/dev/if_ndis/if_ndis.c#6 (text+ko) ==== @@ -2458,7 +2458,7 @@ uint32_t foo; int error, len; - error = suser(curthread); + error = cap_check(curthread, CAP_NET_ADMIN); if (error) return (error); @@ -2916,7 +2916,7 @@ rt_ieee80211msg(ifp, RTM_IEEE80211_SCAN, NULL, 0); break; case IEEE80211_IOC_STATIONNAME: - error = suser(curthread); + error = cap_check(curthread, CAP_NET_ADMIN); if (error) break; if (ireq->i_val != 0 || ==== //depot/projects/trustedbsd/sebsd/sys/dev/owi/if_owi.c#7 (text+ko) ==== @@ -1391,7 +1391,8 @@ break; } /* Don't show WEP keys to non-root users. */ - if (wreq.wi_type == WI_RID_DEFLT_CRYPT_KEYS && suser(td)) + if (wreq.wi_type == WI_RID_DEFLT_CRYPT_KEYS && + cap_check(td, CAP_NET_ADMIN)) break; if (wreq.wi_type == WI_RID_IFACE_STATS) { bcopy((char *)&sc->wi_stats, (char *)&wreq.wi_val, @@ -1403,7 +1404,7 @@ } #ifdef WICACHE else if (wreq.wi_type == WI_RID_ZERO_CACHE) { - error = suser(td); + error = cap_check(td, CAP_NET_ADMIN); if (error) break; sc->wi_sigitems = sc->wi_nextitem = 0; @@ -1441,7 +1442,7 @@ error = copyout(&wreq, ifr->ifr_data, sizeof(wreq)); break; case SIOCSWAVELAN: - if ((error = suser(td))) + if ((error = cap_check(td, CAP_NET_ADMIN))) goto out; error = copyin(ifr->ifr_data, &wreq, sizeof(wreq)); if (error) @@ -1516,7 +1517,7 @@ break; } len = sc->wi_keys.wi_keys[ireq->i_val].wi_keylen; - if (suser(td)) + if (cap_check(td, CAP_NET_ADMIN)) bcopy(sc->wi_keys.wi_keys[ireq->i_val].wi_keydat, tmpkey, len); else @@ -1569,7 +1570,7 @@ } break; case SIOCS80211: - if ((error = suser(td))) + if ((error = cap_check(td, CAP_NET_ADMIN))) goto out; switch(ireq->i_type) { case IEEE80211_IOC_SSID:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200507051157.j65Bv53H076517>