提交 848ef855 编写于 作者: J Jean Tourrilhes 提交者: John W. Linville

[PATCH] wext: Fix RtNetlink ENCODE security permissions

	I've just realised that the RtNetlink code does not check the
permission for SIOCGIWENCODE and SIOCGIWENCODEEXT, which means that
any user can read the encryption keys. The fix is trivial and should
go in 2.6.17 alonside the two other patch I sent you last week.
Signed-off-by: NJean Tourrilhes <jt@hpl.hp.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
上级 a392149e
...@@ -1726,6 +1726,14 @@ int wireless_rtnetlink_get(struct net_device * dev, ...@@ -1726,6 +1726,14 @@ int wireless_rtnetlink_get(struct net_device * dev,
if(!IW_IS_GET(request->cmd)) if(!IW_IS_GET(request->cmd))
return -EOPNOTSUPP; return -EOPNOTSUPP;
/* If command is `get the encoding parameters', check if
* the user has the right to do it */
if (request->cmd == SIOCGIWENCODE ||
request->cmd == SIOCGIWENCODEEXT) {
if (!capable(CAP_NET_ADMIN))
return -EPERM;
}
/* Special cases */ /* Special cases */
if(request->cmd == SIOCGIWSTATS) if(request->cmd == SIOCGIWSTATS)
/* Get Wireless Stats */ /* Get Wireless Stats */
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册