Date: Thu, 31 May 2007 14:28:27 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 120665 for review Message-ID: <200705311428.l4VESRHs023168@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=120665 Change 120665 by rwatson@rwatson_zoo on 2007/05/31 14:27:52 Remove more SUSER_ALLOWJAIL; annotate missing cred->socket check in UDPv6. Affected files ... .. //depot/projects/trustedbsd/priv/sys/netinet6/sctp6_usrreq.c#8 edit .. //depot/projects/trustedbsd/priv/sys/netinet6/udp6_usrreq.c#8 edit Differences ... ==== //depot/projects/trustedbsd/priv/sys/netinet6/sctp6_usrreq.c#8 (text+ko) ==== @@ -438,13 +438,7 @@ vrf_id = SCTP_DEFAULT_VRFID; - /* - * XXXRW: Other instances of getcred use SUSER_ALLOWJAIL, as socket - * visibility is scoped using cr_canseesocket(), which it is not - * here. - */ - error = priv_check_cred(req->td->td_ucred, PRIV_NETINET_RESERVEDPORT, - 0); + error = priv_check(req->td, PRIV_NETINET_GETCRED); if (error) return (error); ==== //depot/projects/trustedbsd/priv/sys/netinet6/udp6_usrreq.c#8 (text+ko) ==== @@ -437,8 +437,7 @@ struct inpcb *inp; int error; - error = priv_check_cred(req->td->td_ucred, PRIV_NETINET_GETCRED, - SUSER_ALLOWJAIL); + error = priv_check(req->td, PRIV_NETINET_GETCRED); if (error) return (error); @@ -465,6 +464,9 @@ INP_LOCK(inp); KASSERT(inp->inp_socket != NULL, ("udp6_getcred: inp_socket == NULL")); + /* + * XXXRW: There should be a scoping access control check here. + */ cru2x(inp->inp_socket->so_cred, &xuc); INP_UNLOCK(inp); INP_INFO_RUNLOCK(&udbinfo);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200705311428.l4VESRHs023168>