summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorIvan Skytte Jorgensen <isj-sctp@i1.dk>2005-10-28 15:39:02 -0700
committerSridhar Samudrala <sri@us.ibm.com>2005-10-28 15:39:02 -0700
commit64a0c1c81e300f0f56f26604c81040784e3717f0 (patch)
tree845863e5b3fc06a9de54104f32e28bbe914ee44a
parent96a339985d4c6874d32909e8f1903e6e6c141399 (diff)
[SCTP] Do not allow unprivileged programs initiating new associations on
privileged ports. Signed-off-by: Ivan Skytte Jorgensen <isj-sctp@i1.dk> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
-rw-r--r--net/sctp/socket.c26
1 files changed, 26 insertions, 0 deletions
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index 97b556c1c45..b529af5e6f2 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -1010,6 +1010,19 @@ static int __sctp_connect(struct sock* sk,
err = -EAGAIN;
goto out_free;
}
+ } else {
+ /*
+ * If an unprivileged user inherits a 1-many
+ * style socket with open associations on a
+ * privileged port, it MAY be permitted to
+ * accept new associations, but it SHOULD NOT
+ * be permitted to open new associations.
+ */
+ if (ep->base.bind_addr.port < PROT_SOCK &&
+ !capable(CAP_NET_BIND_SERVICE)) {
+ err = -EACCES;
+ goto out_free;
+ }
}
scope = sctp_scope(&to);
@@ -1515,6 +1528,19 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
err = -EAGAIN;
goto out_unlock;
}
+ } else {
+ /*
+ * If an unprivileged user inherits a one-to-many
+ * style socket with open associations on a privileged
+ * port, it MAY be permitted to accept new associations,
+ * but it SHOULD NOT be permitted to open new
+ * associations.
+ */
+ if (ep->base.bind_addr.port < PROT_SOCK &&
+ !capable(CAP_NET_BIND_SERVICE)) {
+ err = -EACCES;
+ goto out_unlock;
+ }
}
scope = sctp_scope(&to);