Re: [stable] Re: [PATCH 2.6.17-rc1] Fix RtNetlink ENCODE security permissions

2006-04-14 Thread Greg KH
On Fri, Apr 14, 2006 at 10:59:13AM -0700, Randy.Dunlap wrote:
> On Fri, 14 Apr 2006 10:47:26 -0700 Jean Tourrilhes wrote:
> 
> > Hi John,
> > 
> > I've just realised that the RtNetlink code does not check the
> > permission for SIOCGIWENCODE and SIOCGIWENCODEEXT, which means that
> > any user can read the encryption keys. The fix is trivial and should
> > go in 2.6.17 alongside the two other patches I sent you last week.
> > Fully tested on 2.6.17-rc1.
> 
> and for -stable ??

At first glance, I'd agree with this.  Jean?

thanks,

greg k-h
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: [PATCH 2.6.17-rc1] Fix RtNetlink ENCODE security permissions

2006-04-14 Thread Jean Tourrilhes
On Fri, Apr 14, 2006 at 10:59:13AM -0700, Randy.Dunlap wrote:
> On Fri, 14 Apr 2006 10:47:26 -0700 Jean Tourrilhes wrote:
> 
> > Hi John,
> > 
> > I've just realised that the RtNetlink code does not check the
> > permission for SIOCGIWENCODE and SIOCGIWENCODEEXT, which means that
> > any user can read the encryption keys. The fix is trivial and should
> > go in 2.6.17 alongside the two other patches I sent you last week.
> > Fully tested on 2.6.17-rc1.
> 
> and for -stable ??

The RtNetlink code (WE-20) was only included in 2.6.17-rc1 and
therefore is not available in 2.6.16.

Jean


Re: [PATCH 2.6.17-rc1] Fix RtNetlink ENCODE security permissions

2006-04-14 Thread Randy.Dunlap
On Fri, 14 Apr 2006 10:47:26 -0700 Jean Tourrilhes wrote:

>   Hi John,
> 
>   I've just realised that the RtNetlink code does not check the
> permission for SIOCGIWENCODE and SIOCGIWENCODEEXT, which means that
> any user can read the encryption keys. The fix is trivial and should
> go in 2.6.17 alongside the two other patches I sent you last week.
>   Fully tested on 2.6.17-rc1.

and for -stable ??

>   Have fun...
> 
>   Jean
> 
> Signed-off-by: Jean Tourrilhes <[EMAIL PROTECTED]>
> 
> ---
> 
> diff -u -p linux/net/core/wireless.j1.c linux/net/core/wireless.c
> --- linux/net/core/wireless.j1.c  2006-04-13 18:29:49.0 -0700
> +++ linux/net/core/wireless.c 2006-04-13 18:35:59.0 -0700
> @@ -1726,6 +1726,14 @@ int wireless_rtnetlink_get(struct net_de
>   if(!IW_IS_GET(request->cmd))
>   return -EOPNOTSUPP;
>  
> + /* If command is `get the encoding parameters', check if
> +  * the user has the right to do it */
> + if (request->cmd == SIOCGIWENCODE ||
> + request->cmd == SIOCGIWENCODEEXT) {
> + if (!capable(CAP_NET_ADMIN))
> + return -EPERM;
> + }
> +
>   /* Special cases */
>   if(request->cmd == SIOCGIWSTATS)
>   /* Get Wireless Stats */
> 


---
~Randy


[PATCH 2.6.17-rc1] Fix RtNetlink ENCODE security permissions

2006-04-14 Thread Jean Tourrilhes
Hi John,

I've just realised that the RtNetlink code does not check the
permission for SIOCGIWENCODE and SIOCGIWENCODEEXT, which means that
any user can read the encryption keys. The fix is trivial and should
go in 2.6.17 alongside the two other patches I sent you last week.
Fully tested on 2.6.17-rc1.

Have fun...

Jean

Signed-off-by: Jean Tourrilhes <[EMAIL PROTECTED]>

---

diff -u -p linux/net/core/wireless.j1.c linux/net/core/wireless.c
--- linux/net/core/wireless.j1.c2006-04-13 18:29:49.0 -0700
+++ linux/net/core/wireless.c   2006-04-13 18:35:59.0 -0700
@@ -1726,6 +1726,14 @@ int wireless_rtnetlink_get(struct net_de
if(!IW_IS_GET(request->cmd))
return -EOPNOTSUPP;
 
+   /* If command is `get the encoding parameters', check if
+* the user has the right to do it */
+   if (request->cmd == SIOCGIWENCODE ||
+   request->cmd == SIOCGIWENCODEEXT) {
+   if (!capable(CAP_NET_ADMIN))
+   return -EPERM;
+   }
+
/* Special cases */
if(request->cmd == SIOCGIWSTATS)
/* Get Wireless Stats */
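Review bot: the comment on the new check should state why these two commands are singled out, since the cover letter's reasoning (their replies carry the encryption keys, so any unprivileged caller could read them) is not in the code; something like `/* SIOCGIWENCODE/SIOCGIWENCODEEXT return the encryption keys: require CAP_NET_ADMIN */` keeps the rationale next to the check. Placement is right: it sits after the `IW_IS_GET` test and before the `/* Special cases */` dispatch, so -EPERM is returned before any handler runs. Minor style: the added lines use `if (` with a space while the surrounding `if(!IW_IS_GET(request->cmd))` and `if(request->cmd == SIOCGIWSTATS)` do not.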
