Date: Sun, 20 Jun 1999 21:01:52 -0500 (CDT) From: Frank Tobin <ftobin@bigfoot.com> To: FreeBSD-security Mailing List <freebsd-security@freebsd.org> Subject: in_pcb (fwd) Message-ID: <Pine.BSF.4.10.9906202101260.19623-200000@srh0710.urh.uiuc.edu>
next in thread | raw e-mail | index | archive | help
This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. --HlL+5n6rz5pIUxbD Content-Type: TEXT/PLAIN; CHARSET=US-ASCII Content-ID: <Pine.BSF.4.10.9906202101262.19623@srh0710.urh.uiuc.edu> ---------- Forwarded message ---------- Date: Sun, 20 Jun 1999 13:20:47 -0500 From: Kris Wehner <wehner@cs.uiuc.edu> To: ftobin@uiuc.edu Subject: in_pcb hey here's the securelevel tcp diff moved down to the in_pcb code against -current. it works spiffy, and the ntohs() problem (duh!) has been fixed, so it works reliably for both udp + tcp. sorry about the goofs before. k -- kristopher wehner <wehner@cs.uiuc.edu> Sit back and watch my divine spark flash -- Chris Robinson --HlL+5n6rz5pIUxbD Content-Type: TEXT/PLAIN; CHARSET=us-ascii Content-ID: <Pine.BSF.4.10.9906202101263.19623@srh0710.urh.uiuc.edu> Content-Description: Content-Disposition: ATTACHMENT; FILENAME="in_pcb.diff" *** in_pcb.c-orig Sun Jun 20 13:17:55 1999 --- in_pcb.c Sun Jun 20 13:19:16 1999 *************** *** 175,180 **** --- 175,186 ---- if (sin->sin_family != AF_INET) return (EAFNOSUPPORT); #endif + /* + * Disallow bind if we are in super secure mode and port < 1024 + */ + if (sin->sin_family == AF_INET && sin->sin_port < ntohs(1024) + && securelevel >= 4) + return EPERM; if (prison_ip(p, 0, &sin->sin_addr.s_addr)) return(EINVAL); lport = sin->sin_port; --HlL+5n6rz5pIUxbD-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9906202101260.19623-200000>