author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-08-05 01:00:58 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-08-05 01:00:58 +0000 |
commit | 63434aecda0480d7c72ab5baa58554e741fbe031 (patch) | |
tree | 8f5bbc138bd72384e8155592d584c67a361d7dc4 /sys | |
parent | 0bb655c866b74cdcd15bde96398ed3f98c72723a (diff) |
struct socket gets so_ucred; permit only same uid or root to do port takeover.
Diffstat (limited to 'sys')
-rw-r--r-- | sys/kern/uipc_socket.c | 5 | ||||
-rw-r--r-- | sys/netinet/in_pcb.c | 15 | ||||
-rw-r--r-- | sys/sys/socketvar.h | 3 |
3 files changed, 12 insertions, 11 deletions
diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c
index 5375ad7c696..f5e27bc2ea1 100644
--- a/sys/kern/uipc_socket.c
+++ b/sys/kern/uipc_socket.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: uipc_socket.c,v 1.3 1996/03/03 17:20:19 niklas Exp $ */
+/* $OpenBSD: uipc_socket.c,v 1.4 1996/08/05 01:00:53 deraadt Exp $ */
 /* $NetBSD: uipc_socket.c,v 1.21 1996/02/04 02:17:52 christos Exp $ */
 
 /*
@@ -83,6 +83,7 @@ socreate(dom, aso, type, proto)
 so->so_type = type;
 if (p->p_ucred->cr_uid == 0)
 so->so_state = SS_PRIV;
+ so->so_ucred = crdup(p->p_ucred);
 so->so_proto = prp;
 error = (*prp->pr_usrreq)(so, PRU_ATTACH, NULL,
 (struct mbuf *)(long)proto,
@@ -151,6 +152,8 @@ sofree(so)
 }
 sbrelease(&so->so_snd);
 sorflush(so);
+ if (so->so_ucred)
+ crfree(so->so_ucred);
 FREE(so, M_SOCKET);
 }
 
diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c
index 1168f7bbc36..deb1667f04f 100644
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: in_pcb.c,v 1.8 1996/07/29 07:54:58 downsj Exp $ */
+/* $OpenBSD: in_pcb.c,v 1.9 1996/08/05 01:00:57 deraadt Exp $ */
 /* $NetBSD: in_pcb.c,v 1.25 1996/02/13 23:41:53 christos Exp $ */
 
 /*
@@ -165,13 +165,10 @@ in_pcbbind(v, nam)
 if (ntohs(lport) < IPPORT_RESERVED &&
 (error = suser(p->p_ucred, &p->p_acflag)))
 return (EACCES);
- /*
- * treat port 2049 as a reserved port, but indicate
- * that it is used to not confuse a bindresvport()
- * type function
- */
- if (ntohs(lport) == 2049 &&
- suser(p->p_ucred, &p->p_acflag))
+ t = in_pcblookup(table, zeroin_addr, 0,
+ sin->sin_addr, lport, INPLOOKUP_WILDCARD);
+ if (t && so->so_ucred->cr_uid && (so->so_ucred->cr_uid
+ != t->inp_socket->so_ucred->cr_uid))
 return (EADDRINUSE);
 t = in_pcblookup(table, zeroin_addr, 0,
 sin->sin_addr, lport, wild);
@@ -613,7 +610,7 @@ in_pcblookup(table, faddr, fport_arg, laddr, lport_arg, flags)
 continue;
 } else {
 if (faddr.s_addr != INADDR_ANY)
- wildcard++;
+ wildcard++;
 }
 if (inp->inp_laddr.s_addr != INADDR_ANY) {
 if (laddr.s_addr == INADDR_ANY)
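Review bot: In the in_pcbbind hunk the new test reads `t->inp_socket->so_ucred->cr_uid` without checking that the socket already holding the port has credentials, while sofree() in this same commit guards `so->so_ucred` against NULL. The only assignment visible in this commit is the one in socreate(), so a struct socket allocated on any other path (sockets created for accepted connections are the likely case, though that code is not shown here) would presumably turn this into a kernel NULL pointer dereference during bind(). Either set so_ucred everywhere a struct socket is allocated, or make the condition fail closed, e.g. `(t->inp_socket->so_ucred == NULL || so->so_ucred->cr_uid != t->inp_socket->so_ucred->cr_uid)`. The removed block carried a comment and the replacement has none; a line such as `/* only the same uid or root may bind over an existing socket */` would record the intent. in_pcbbind's body starts and ends outside the hunk.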
diff --git a/sys/sys/socketvar.h b/sys/sys/socketvar.h
index 0f67c8bf950..d59c400bfe5 100644
--- a/sys/sys/socketvar.h
+++ b/sys/sys/socketvar.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: socketvar.h,v 1.5 1996/07/25 09:46:07 deraadt Exp $ */
+/* $OpenBSD: socketvar.h,v 1.6 1996/08/05 01:00:41 deraadt Exp $ */
 /* $NetBSD: socketvar.h,v 1.18 1996/02/09 18:25:38 christos Exp $ */
 
 /*-
@@ -97,6 +97,7 @@ struct socket {
 void *so_internal; /* Space for svr4 stream data */
 void (*so_upcall) __P((struct socket *so, caddr_t arg, int waitf));
 caddr_t so_upcallarg; /* Arg for above */
+ struct ucred *so_ucred; /* who opened the socket */
 };
 
 /*
|
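Review bot: The comment on the new `so_ucred` member does not say where the pointer is set and released or whether it can be unset, yet sofree() in this commit tests it for NULL (which suggests it can be) and in_pcbbind() dereferences it for an access decision. Since the field now backs a security check, the contract belongs at the declaration, e.g. `/* creds copied at socreate(), freed in sofree(); check for NULL */`. It is also worth stating that this is a snapshot taken at creation time, so it does not follow later uid changes of the owning process. struct socket starts outside the hunk.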