Date: Tue, 12 Oct 2004 04:45:08 -0400 (EDT) From: Robert Watson <rwatson@freebsd.org> To: "Christian S.J. Peron" <csjp@freebsd.org> Cc: swp@swp.pp.ru Subject: Re: IP options broken for raw sockets on cred downgrade (was: Re: why required root privileges to set multicast options now?) Message-ID: <Pine.NEB.3.96L.1041012044330.55701G-100000@fledge.watson.org> In-Reply-To: <20041012041433.GA16734@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 12 Oct 2004, Christian S.J. Peron wrote: > First off, allow me to apologize for the delay, I have been away for > Thanks giving weekend. This patch looks like it fixes most of the > problems. I should have thought of this when I committed the credential > checks, sorry about that! > > I am testing this patch right now, and I will report any success > failures I experience. No problem on the delay, and thanks for testing. It appears to resolve the problem for me locally (for example, mtrace now works as non-root. My primary concern with the fix is making sure it doesn't introduce security holes -- i.e., I didn't miss any cases to put a suser() in front of, etc, or implications of passing it down to in_control() without further checks. As we discussed when starting the work to refine the raw socket protections, the implications of these changes can be very subtle but pretty significant, so requires a lot of thinking and testing :-). Thanks! Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Principal Research Scientist, McAfee Research
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1041012044330.55701G-100000>