[SCTP] Do not allow unprivileged programs initiating new associations on
authorIvan Skytte Jorgensen <isj-sctp@i1.dk>
Fri, 28 Oct 2005 22:39:02 +0000 (15:39 -0700)
committerSridhar Samudrala <sri@us.ibm.com>
Fri, 28 Oct 2005 22:39:02 +0000 (15:39 -0700)
privileged ports.

Signed-off-by: Ivan Skytte Jorgensen <isj-sctp@i1.dk>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
net/sctp/socket.c

index 97b556c1c45026ed955ff5cc92be007060f66708..b529af5e6f2a043515de3fa7a2c80c7b0d54e43e 100644 (file)
@@ -1010,6 +1010,19 @@ static int __sctp_connect(struct sock* sk,
                                        err = -EAGAIN;
                                        goto out_free;
                                }
+                       } else {
+                               /*
+                                * If an unprivileged user inherits a 1-many 
+                                * style socket with open associations on a 
+                                * privileged port, it MAY be permitted to 
+                                * accept new associations, but it SHOULD NOT 
+                                * be permitted to open new associations.
+                                */
+                               if (ep->base.bind_addr.port < PROT_SOCK &&
+                                   !capable(CAP_NET_BIND_SERVICE)) {
+                                       err = -EACCES;
+                                       goto out_free;
+                               }
                        }
 
                        scope = sctp_scope(&to);
@@ -1515,6 +1528,19 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
                                err = -EAGAIN;
                                goto out_unlock;
                        }
+               } else {
+                       /*
+                        * If an unprivileged user inherits a one-to-many
+                        * style socket with open associations on a privileged
+                        * port, it MAY be permitted to accept new associations,
+                        * but it SHOULD NOT be permitted to open new
+                        * associations.
+                        */
+                       if (ep->base.bind_addr.port < PROT_SOCK &&
+                           !capable(CAP_NET_BIND_SERVICE)) {
+                               err = -EACCES;
+                               goto out_unlock;
+                       }
                }
 
                scope = sctp_scope(&to);