From: Simon Arlott <simon@arlott.org>
To: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: CAP_NET_BIND_SERVICE checking in inet_bind vs socket_bind
Date: Sat, 17 Feb 2007 01:33:28 +0000 [thread overview]
Message-ID: <45D65B68.7040406@simon.arlott.org.uk> (raw)
[-- Attachment #1: Type: text/plain, Size: 2356 bytes --]
Why does inet_bind (instead of socket_bind) check that ports below 1024 require CAP_NET_BIND_SERVICE?
Couldn't this check be moved to the dummy socket_bind so that the behaviour can be changed by a security module?
---
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index cf358c8..d75a2c5 100644
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -431,9 +431,11 @@ int inet_bind(struct socket *sock, struc
goto out;
snum = ntohs(addr->sin_port);
+#ifndef CONFIG_SECURITY_NETWORK
err = -EACCES;
if (snum && snum < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE))
goto out;
+#endif
/* We keep a pair of addresses. rcv_saddr is the one
* used by hash lookups, and saddr is used for transmit.
diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c
index 3585d8f..768989d 100644
--- a/net/ipv6/af_inet6.c
+++ b/net/ipv6/af_inet6.c
@@ -262,8 +262,10 @@ int inet6_bind(struct socket *sock, stru
return -EINVAL;
snum = ntohs(addr->sin6_port);
+#ifndef CONFIG_SECURITY_NETWORK
if (snum && snum < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE))
return -EACCES;
+#endif
lock_sock(sk);
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
diff --git a/security/dummy.c b/security/dummy.c
index 558795b..1315b19 100644
--- a/security/dummy.c
+++ b/security/dummy.c
@@ -29,6 +29,8 @@ #include <linux/hugetlb.h>
#include <linux/ptrace.h>
#include <linux/file.h>
+#include <linux/in.h>
+
static int dummy_ptrace (struct task_struct *parent, struct task_struct *child)
{
return 0;
@@ -718,6 +720,26 @@ static int dummy_socket_post_create (str
static int dummy_socket_bind (struct socket *sock, struct sockaddr *address,
int addrlen)
{
+ switch (address->sa_family) {
+#ifdef INET
+ case PF_INET: {
+ struct sockaddr_in *addr = (struct sockaddr_in *)address;
+ unsigned short snum;
+ snum = ntohs((addr->sin_port));
+ if (snum && snum < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE))
+ return -EACCES;
+ break;
+ }
+ case PF_INET6: {
+ struct sockaddr_in6 *addr = (struct sockaddr_in6 *)address;
+ unsigned short snum;
+ snum = ntohs(addr->sin6_port);
+ if (snum && snum < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE))
+ return -EACCES;
+ break;
+ }
+#endif
+ }
return 0;
}
--
Simon Arlott
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 829 bytes --]
reply other threads:[~2007-02-17 1:33 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=45D65B68.7040406@simon.arlott.org.uk \
--to=simon@arlott.org \
--cc=0c1ab235b3b331046f1hiesd0005gitv@thunder.lp0.eu \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox