* [PATCH] cfg80211: Don't allow users to create/remove interfaces
@ 2007-07-10 23:17 Michael Buesch
2007-07-11 9:36 ` Johannes Berg
0 siblings, 1 reply; 2+ messages in thread
From: Michael Buesch @ 2007-07-10 23:17 UTC (permalink / raw)
To: John Linville; +Cc: Johannes Berg, Andy Green, linux-wireless
This adds a capability check to only allow creation
and removal of interfaces by a network admin.
Signed-off-by: Michael Buesch <mb@bu3sch.de>
Cc: Johannes Berg <johannes@sipsolutions.net>
Cc: Andy Green <andy@warmcat.com>
Index: mac80211/net/wireless/sysfs.c
===================================================================
--- mac80211.orig/net/wireless/sysfs.c 2007-06-01 11:20:32.000000000 +0200
+++ mac80211/net/wireless/sysfs.c 2007-07-11 01:04:53.000000000 +0200
@@ -46,9 +46,10 @@ static ssize_t _store_add_iface(struct d
struct cfg80211_registered_device *rdev = dev_to_rdev(dev);
int res;
+ if (!capable(CAP_NET_ADMIN))
+ return -EPERM;
if (len > IFNAMSIZ)
return -EINVAL;
-
if (!rdev->ops->add_virtual_intf)
return -ENOSYS;
@@ -68,9 +69,10 @@ static ssize_t _store_remove_iface(struc
int res, ifidx;
struct net_device *netdev;
+ if (!capable(CAP_NET_ADMIN))
+ return -EPERM;
if (len > IFNAMSIZ)
return -EINVAL;
-
if (!rdev->ops->del_virtual_intf)
return -ENOSYS;
--
Greetings Michael.
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] cfg80211: Don't allow users to create/remove interfaces
2007-07-10 23:17 [PATCH] cfg80211: Don't allow users to create/remove interfaces Michael Buesch
@ 2007-07-11 9:36 ` Johannes Berg
0 siblings, 0 replies; 2+ messages in thread
From: Johannes Berg @ 2007-07-11 9:36 UTC (permalink / raw)
To: Michael Buesch; +Cc: John Linville, Andy Green, linux-wireless
[-- Attachment #1: Type: text/plain, Size: 1329 bytes --]
On Wed, 2007-07-11 at 01:17 +0200, Michael Buesch wrote:
> This adds a capability check to only allow creation
> and removal of interfaces by a network admin.
>
> Signed-off-by: Michael Buesch <mb@bu3sch.de>
> Cc: Johannes Berg <johannes@sipsolutions.net>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Should stable be getting this too, for people who use out-of-tree
mac80211 drivers?
> Cc: Andy Green <andy@warmcat.com>
>
> Index: mac80211/net/wireless/sysfs.c
> ===================================================================
> --- mac80211.orig/net/wireless/sysfs.c 2007-06-01 11:20:32.000000000 +0200
> +++ mac80211/net/wireless/sysfs.c 2007-07-11 01:04:53.000000000 +0200
> @@ -46,9 +46,10 @@ static ssize_t _store_add_iface(struct d
> struct cfg80211_registered_device *rdev = dev_to_rdev(dev);
> int res;
>
> + if (!capable(CAP_NET_ADMIN))
> + return -EPERM;
> if (len > IFNAMSIZ)
> return -EINVAL;
> -
> if (!rdev->ops->add_virtual_intf)
> return -ENOSYS;
>
> @@ -68,9 +69,10 @@ static ssize_t _store_remove_iface(struc
> int res, ifidx;
> struct net_device *netdev;
>
> + if (!capable(CAP_NET_ADMIN))
> + return -EPERM;
> if (len > IFNAMSIZ)
> return -EINVAL;
> -
> if (!rdev->ops->del_virtual_intf)
> return -ENOSYS;
>
>
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 190 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-07-11 9:41 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-07-10 23:17 [PATCH] cfg80211: Don't allow users to create/remove interfaces Michael Buesch
2007-07-11 9:36 ` Johannes Berg
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).