aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEugene Teo <eugeneteo@kernel.sg>2008-08-27 07:50:30 -0400
committerDavid S. Miller <davem@davemloft.net>2008-08-27 07:50:30 -0400
commitf2455eb176ac87081bbfc9a44b21c7cd2bc1967e (patch)
tree63874579df35e6938faa973f476a4fe803f5282c
parent6c36810a731a422535d838cdb440f332c1d91017 (diff)
wan: Missing capability checks in sbni_ioctl()
There are missing capability checks in the following code: 1300 static int 1301 sbni_ioctl( struct net_device *dev, struct ifreq *ifr, int cmd) 1302 { [...] 1319 case SIOCDEVRESINSTATS : 1320 if( current->euid != 0 ) /* root only */ 1321 return -EPERM; [...] 1336 case SIOCDEVSHWSTATE : 1337 if( current->euid != 0 ) /* root only */ 1338 return -EPERM; [...] 1357 case SIOCDEVENSLAVE : 1358 if( current->euid != 0 ) /* root only */ 1359 return -EPERM; [...] 1372 case SIOCDEVEMANSIPATE : 1373 if( current->euid != 0 ) /* root only */ 1374 return -EPERM; Here's my proposed fix: Missing capability checks. Signed-off-by: Eugene Teo <eugeneteo@kernel.sg> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--drivers/net/wan/sbni.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/drivers/net/wan/sbni.c b/drivers/net/wan/sbni.c
index e59255a155a9..6596cd0742b9 100644
--- a/drivers/net/wan/sbni.c
+++ b/drivers/net/wan/sbni.c
@@ -1317,7 +1317,7 @@ sbni_ioctl( struct net_device *dev, struct ifreq *ifr, int cmd )
1317 break; 1317 break;
1318 1318
1319 case SIOCDEVRESINSTATS : 1319 case SIOCDEVRESINSTATS :
1320 if( current->euid != 0 ) /* root only */ 1320 if (!capable(CAP_NET_ADMIN))
1321 return -EPERM; 1321 return -EPERM;
1322 memset( &nl->in_stats, 0, sizeof(struct sbni_in_stats) ); 1322 memset( &nl->in_stats, 0, sizeof(struct sbni_in_stats) );
1323 break; 1323 break;
@@ -1334,7 +1334,7 @@ sbni_ioctl( struct net_device *dev, struct ifreq *ifr, int cmd )
1334 break; 1334 break;
1335 1335
1336 case SIOCDEVSHWSTATE : 1336 case SIOCDEVSHWSTATE :
1337 if( current->euid != 0 ) /* root only */ 1337 if (!capable(CAP_NET_ADMIN))
1338 return -EPERM; 1338 return -EPERM;
1339 1339
1340 spin_lock( &nl->lock ); 1340 spin_lock( &nl->lock );
@@ -1355,7 +1355,7 @@ sbni_ioctl( struct net_device *dev, struct ifreq *ifr, int cmd )
1355#ifdef CONFIG_SBNI_MULTILINE 1355#ifdef CONFIG_SBNI_MULTILINE
1356 1356
1357 case SIOCDEVENSLAVE : 1357 case SIOCDEVENSLAVE :
1358 if( current->euid != 0 ) /* root only */ 1358 if (!capable(CAP_NET_ADMIN))
1359 return -EPERM; 1359 return -EPERM;
1360 1360
1361 if (copy_from_user( slave_name, ifr->ifr_data, sizeof slave_name )) 1361 if (copy_from_user( slave_name, ifr->ifr_data, sizeof slave_name ))
@@ -1370,7 +1370,7 @@ sbni_ioctl( struct net_device *dev, struct ifreq *ifr, int cmd )
1370 return enslave( dev, slave_dev ); 1370 return enslave( dev, slave_dev );
1371 1371
1372 case SIOCDEVEMANSIPATE : 1372 case SIOCDEVEMANSIPATE :
1373 if( current->euid != 0 ) /* root only */ 1373 if (!capable(CAP_NET_ADMIN))
1374 return -EPERM; 1374 return -EPERM;
1375 1375
1376 return emancipate( dev ); 1376 return emancipate( dev );