author | Bjoern A. Zeeb <bz@FreeBSD.org> | 2007-11-12 23:47:48 +0000 |
---|---|---|
committer | Bjoern A. Zeeb <bz@FreeBSD.org> | 2007-11-12 23:47:48 +0000 |
commit | 190320e23789c2e4d8765553d2c76997b34cd186 (patch) | |
tree | 73c28367b19eec6d0a79f6d23428b6b03cd2369f /sys/netipsec | |
parent | dbac8ff40032ae79e4a5dda8237f5dc1765420eb (diff) | |
Add a missing priv check in key_attach to prevent non-su users
from messing with the spdb and sadb.
Problem sneaked in with the fast_ipsec+v6->ipsec merger by no
longer going via raw_usrreqs.pr_attach.
Reported by: Pawel Worach
Identified by: rwatson
Reviewed by: rwatson
MFC after: 3 days
Notes:
svn path=/head/; revision=173574
Diffstat (limited to 'sys/netipsec')
-rw-r--r-- | sys/netipsec/keysock.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/sys/netipsec/keysock.c b/sys/netipsec/keysock.c
index 21539f120376..17ef9eb0157c 100644
--- a/sys/netipsec/keysock.c
+++ b/sys/netipsec/keysock.c
@@ -43,6 +43,7 @@
 #include <sys/malloc.h>
 #include <sys/mbuf.h>
 #include <sys/mutex.h>
+#include <sys/priv.h>
 #include <sys/protosw.h>
 #include <sys/signalvar.h>
 #include <sys/socket.h>
@@ -392,6 +393,12 @@ key_attach(struct socket *so, int proto, struct thread *td)
 	return ENOBUFS;
 	so->so_pcb = (caddr_t)kp;
+
+	if (td != NULL) {
+		error = priv_check(td, PRIV_NET_RAW);
+		if (error)
+			return error;
+	}
 	error = raw_attach(so, proto);
 	kp = (struct keycb *)sotorawcb(so);
 	if (error) {
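Review bot: The new priv_check() in key_attach sits after the keycb has already been allocated and stored in so->so_pcb (the `return ENOBUFS;` context line shows the allocation-failure path just above), so an unprivileged caller that fails the check leaves kp unfreed and so->so_pcb pointing at it while raw_attach was never run. The simplest fix is to move the whole `if (td != NULL) { error = priv_check(td, PRIV_NET_RAW); ... }` block to the top of key_attach, before the allocation, so the denial path has nothing to undo; the allocation and the start of key_attach lie outside this hunk. Skipping the check when td is NULL presumably matches the other pr_attach handlers for kernel-internal attaches, but a one-line comment such as `/* td == NULL: kernel-internal attach, no credential to check */` would record that intent.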