aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorIvan Skytte Jorgensen <isj-sctp@i1.dk>2005-10-28 18:39:02 -0400
committerSridhar Samudrala <sri@us.ibm.com>2005-10-28 18:39:02 -0400
commit64a0c1c81e300f0f56f26604c81040784e3717f0 (patch)
tree845863e5b3fc06a9de54104f32e28bbe914ee44a /net
parent96a339985d4c6874d32909e8f1903e6e6c141399 (diff)
[SCTP] Do not allow unprivileged programs initiating new associations on
privileged ports. Signed-off-by: Ivan Skytte Jorgensen <isj-sctp@i1.dk> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Diffstat (limited to 'net')
-rw-r--r--net/sctp/socket.c26
1 files changed, 26 insertions, 0 deletions
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index 97b556c1c450..b529af5e6f2a 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -1010,6 +1010,19 @@ static int __sctp_connect(struct sock* sk,
1010 err = -EAGAIN; 1010 err = -EAGAIN;
1011 goto out_free; 1011 goto out_free;
1012 } 1012 }
1013 } else {
1014 /*
1015 * If an unprivileged user inherits a 1-many
1016 * style socket with open associations on a
1017 * privileged port, it MAY be permitted to
1018 * accept new associations, but it SHOULD NOT
1019 * be permitted to open new associations.
1020 */
1021 if (ep->base.bind_addr.port < PROT_SOCK &&
1022 !capable(CAP_NET_BIND_SERVICE)) {
1023 err = -EACCES;
1024 goto out_free;
1025 }
1013 } 1026 }
1014 1027
1015 scope = sctp_scope(&to); 1028 scope = sctp_scope(&to);
@@ -1515,6 +1528,19 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
1515 err = -EAGAIN; 1528 err = -EAGAIN;
1516 goto out_unlock; 1529 goto out_unlock;
1517 } 1530 }
1531 } else {
1532 /*
1533 * If an unprivileged user inherits a one-to-many
1534 * style socket with open associations on a privileged
1535 * port, it MAY be permitted to accept new associations,
1536 * but it SHOULD NOT be permitted to open new
1537 * associations.
1538 */
1539 if (ep->base.bind_addr.port < PROT_SOCK &&
1540 !capable(CAP_NET_BIND_SERVICE)) {
1541 err = -EACCES;
1542 goto out_unlock;
1543 }
1518 } 1544 }
1519 1545
1520 scope = sctp_scope(&to); 1546 scope = sctp_scope(&to);