summaryrefslogtreecommitdiffstats
path: root/net/core
diff options
context:
space:
mode:
authorJean Tourrilhes <jt@hpl.hp.com>2006-04-14 19:47:26 +0200
committerJohn W. Linville <linville@tuxdriver.com>2006-04-19 23:25:41 +0200
commit848ef8555296f25d9226d3bc43ce4028835ed633 (patch)
tree3db10d298e8c4cfe005b719552ac378685ab5c1a /net/core
parent[PATCH] bcm43xx: iw_priv_args names should be <16 characters (diff)
downloadlinux-848ef8555296f25d9226d3bc43ce4028835ed633.tar.xz
linux-848ef8555296f25d9226d3bc43ce4028835ed633.zip
[PATCH] wext: Fix RtNetlink ENCODE security permissions
I've just realised that the RtNetlink code does not check the permission for SIOCGIWENCODE and SIOCGIWENCODEEXT, which means that any user can read the encryption keys. The fix is trivial and should go in 2.6.17 alonside the two other patch I sent you last week. Signed-off-by: Jean Tourrilhes <jt@hpl.hp.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'net/core')
-rw-r--r--net/core/wireless.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/net/core/wireless.c b/net/core/wireless.c
index 81d6995fcfdb..d2bc72d318f7 100644
--- a/net/core/wireless.c
+++ b/net/core/wireless.c
@@ -1726,6 +1726,14 @@ int wireless_rtnetlink_get(struct net_device * dev,
if(!IW_IS_GET(request->cmd))
return -EOPNOTSUPP;
+ /* If command is `get the encoding parameters', check if
+ * the user has the right to do it */
+ if (request->cmd == SIOCGIWENCODE ||
+ request->cmd == SIOCGIWENCODEEXT) {
+ if (!capable(CAP_NET_ADMIN))
+ return -EPERM;
+ }
+
/* Special cases */
if(request->cmd == SIOCGIWSTATS)
/* Get Wireless Stats */