Module Name:    src
Committed By:   christos
Date:           Fri Mar 13 16:37:12 UTC 2020

Modified Files:
        src/sys/net: rtsock_shared.c

Log Message:
Use the socket credentials that are established during the socket creation
instead of the current process credentials (which can change via
set{e,}{u,g}id(2)) and by passing the fd to a different process. This makes
the routing socket behave like other file descriptors. Proposed in tech-kern.

To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 src/sys/net/rtsock_shared.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files: Index: src/sys/net/rtsock_shared.c diff -u src/sys/net/rtsock_shared.c:1.16 src/sys/net/rtsock_shared.c:1.17 --- src/sys/net/rtsock_shared.c:1.16 Thu Mar 12 15:36:33 2020 +++ src/sys/net/rtsock_shared.c Fri Mar 13 12:37:12 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: rtsock_shared.c,v 1.16 2020/03/12 19:36:33 christos Exp $ */ +/* $NetBSD: rtsock_shared.c,v 1.17 2020/03/13 16:37:12 christos Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -61,7 +61,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: rtsock_shared.c,v 1.16 2020/03/12 19:36:33 christos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: rtsock_shared.c,v 1.17 2020/03/13 16:37:12 christos Exp $"); #ifdef _KERNEL_OPT #include "opt_inet.h" @@ -703,10 +703,10 @@ COMPATNAME(route_output)(struct mbuf *m, } /* - * Verify that the caller has the appropriate privilege; RTM_GET + * Verify that the socket has the appropriate privilege; RTM_GET * is the only operation the non-superuser is allowed. */ - if (kauth_authorize_network(curlwp->l_cred, KAUTH_NETWORK_ROUTE, + if (kauth_authorize_network(so->so_cred, KAUTH_NETWORK_ROUTE, 0, rtm, NULL, NULL) != 0) senderr(EACCES);
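
Review bot: the rewritten comment above the kauth_authorize_network() call in COMPATNAME(route_output) (the @@ -703 hunk) says only that "the socket" must have the privilege, and does not state that so->so_cred is fixed when the socket is created. With this check, a routing socket opened while privileged keeps its authority for requests other than RTM_GET after the opener calls set{e,}{u,g}id(2) or hands the descriptor to another process, and a socket opened without privilege stays limited to RTM_GET whatever the calling lwp's credentials are at the time of the request. The log message says this is the intended behaviour, so I would spell it out in the comment, for example "the credentials captured at socket creation, not those of the calling lwp", and mention it in the routing socket documentation so that daemons that drop privilege or pass descriptors know they need to close the socket first if they do not want to keep that authority.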