[PATCH] wext: Fix IWENCODEEXT security permissions

Check the permissions when user-space try to read the encryption parameters via SIOCGIWENCODEEXT. This is trivial and probably should go in 2.6.17... Bug was found by Brian Eaton <eaton.lists@gmail.com>, thanks ! Signed-off-by: N Jean Tourrilhes <jt@hpl.hp.com> Signed-off-by: N John W. Linville <linville@tuxdriver.com>

[PATCH] wext: Fix IWENCODEEXT security permissions
Check the permissions when user-space try to read the encryption parameters via SIOCGIWENCODEEXT. This is trivial and probably should go in 2.6.17... Bug was found by Brian Eaton <eaton.lists@gmail.com>, thanks ! Signed-off-by: N Jean Tourrilhes <jt@hpl.hp.com> Signed-off-by: N John W. Linville <linville@tuxdriver.com>
a417016d · Jean Tourrilhes · John W. Linville · 3a1af6ff · a417016d
隐藏空白更改
内联并排

Showing with 2 addition and 1 deletion

net/core/dev.c net/core/dev.c +2 -1

未找到文件。
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -2698,7 +2698,8 @@ int dev_ioctl(unsigned int cmd, void __user *arg)
 				/* If command is `set a parameter', or
 				 * `get the encoding parameters', check if
 				 * the user has the right to do it */
-				if (IW_IS_SET(cmd) || cmd == SIOCGIWENCODE) {
+				if (IW_IS_SET(cmd) || cmd == SIOCGIWENCODE
+				    || cmd == SIOCGIWENCODEEXT) {
 					if (!capable(CAP_NET_ADMIN))
 						return -EPERM;
 				}