CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2015/10/02 18:53:13
Modified files:
sbin/ping6 : ping6.c
Log message:
ping6 is a setuid root priv-drop which holds a sockraw. we can tame it
substantially with "stdio inet", plus "dns" if the -n option is missing.
a successful exploit against it then cannot create files, or perform a
variety of other operations, as described in the tame(2) man page.
ping6 is a bit trickier than ping, because it uses recvmsg() with CMSG
types of IPV6_HOPOPTS, IPV6_DSTOPTS, IPV6_RTHDRDSTOPTS, IPV6_RTHDR.
there is further work to do in the kernel, with claudio!
work with florian a while back, which involved hoisting lots of initization
code upwards.
ok doug
