Commit 64a0c1c8 authored by Ivan Skytte Jorgensen, committed by Sridhar Samudrala

[SCTP] Do not allow unprivileged programs initiating new associations on privileged ports.

Signed-off-by: Ivan Skytte Jorgensen <isj-sctp@i1.dk>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Parent 96a33998
...@@ -1010,6 +1010,19 @@ static int __sctp_connect(struct sock* sk, ...@@ -1010,6 +1010,19 @@ static int __sctp_connect(struct sock* sk,
err = -EAGAIN; err = -EAGAIN;
goto out_free; goto out_free;
} }
} else {
/*
* If an unprivileged user inherits a 1-many
* style socket with open associations on a
* privileged port, it MAY be permitted to
* accept new associations, but it SHOULD NOT
* be permitted to open new associations.
*/
if (ep->base.bind_addr.port < PROT_SOCK &&
!capable(CAP_NET_BIND_SERVICE)) {
err = -EACCES;
goto out_free;
}
} }
scope = sctp_scope(&to); scope = sctp_scope(&to);
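Review bot: the new check is placed in the else branch, so it only runs for an endpoint that already holds an explicit bind port; that is the right spot for the "inherited socket" case the comment describes, but the comment itself says "1-many" here while the otherwise identical comment in the sctp_sendmsg hunk says "one-to-many", so please use one spelling in both. The port/capability test (`ep->base.bind_addr.port < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE)`) is also duplicated verbatim between __sctp_connect and sctp_sendmsg; a small static helper that both call would keep the two association-creating paths from drifting apart when the rule is next touched.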
...@@ -1515,6 +1528,19 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk, ...@@ -1515,6 +1528,19 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
err = -EAGAIN; err = -EAGAIN;
goto out_unlock; goto out_unlock;
} }
} else {
/*
* If an unprivileged user inherits a one-to-many
* style socket with open associations on a privileged
* port, it MAY be permitted to accept new associations,
* but it SHOULD NOT be permitted to open new
* associations.
*/
if (ep->base.bind_addr.port < PROT_SOCK &&
!capable(CAP_NET_BIND_SERVICE)) {
err = -EACCES;
goto out_unlock;
}
} }
scope = sctp_scope(&to); scope = sctp_scope(&to);
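Review bot: the check here evaluates `capable(CAP_NET_BIND_SERVICE)` against the process calling sendmsg rather than against whoever originally bound the port, which is exactly what is needed for a one-to-many socket handed to an unprivileged process, but the comment should say so, since a reader may otherwise assume the bind-time privilege is what is being tested. It also only covers the implicit-connect path in sendmsg; the comment's statement that accepting new associations on the privileged port MAY still be permitted is left to the existing accept path and is not enforced or changed by this hunk, which is worth a line in the commit message so the asymmetry is clearly intentional.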