From owner-freebsd-security Mon Jun 21 7:24:59 1999
Delivered-To: freebsd-security@freebsd.org
Received: from happy.cow.org (happy.cow.org [198.88.20.7]) by hub.freebsd.org (Postfix) with ESMTP id A231B14BCD for ; Mon, 21 Jun 1999 07:24:57 -0700 (PDT) (envelope-from wehner@happy.cow.org)
Received: (from wehner@localhost) by happy.cow.org (8.9.3/8.9.3) id KAA67602; Mon, 21 Jun 1999 10:24:20 -0400 (EDT) (envelope-from wehner)
Date: Mon, 21 Jun 1999 09:24:16 -0500
From: Kris Wehner
To: Allan Saddi
Cc: Frank Tobin, kris@further.com, FreeBSD-security Mailing List
Subject: Re: proposed secure-level 4 patch (fwd)
Message-ID: <19990621092414.A62936@happy.cow.org>
References:
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary=qMm9M+Fa2AknHoGS
X-Mailer: Mutt 0.95.5i
In-Reply-To: ; from Allan Saddi on Sun, Jun 20, 1999 at 02:54:40AM -0700
Organization: Further Consulting
X-Longhaired-Whiteguy-Version: 1.1
X-PGP-Fingerprint: <0x531E2A4D> 7A 7E DB 08 E4 68 CF F0 84 B4 55 9B 6D DB 8D 72
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

--qMm9M+Fa2AknHoGS
Content-Type: text/plain; charset=us-ascii

Previously, Allan Saddi (asaddi@philosophysw.com) said:
> There are still problems with this no-bind-securelevel patch:

To resolve these problems (including the super-boneheaded network byte order problem), I moved the patch down to in_pcb.c so it handles udp+tcp, swapped the <= for a < and it works like a champ. This is against -current.

If anyone is interested, I also fixed unionfs and the vfs_syscalls.c to disable unionfs mounts and mount -o union in securelevel >= 2.
kris

--qMm9M+Fa2AknHoGS
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="in_pcb.diff"

*** in_pcb.c-orig Tue Jun 22 09:28:42 1999
--- in_pcb.c Tue Jun 22 09:30:24 1999
***************
*** 175,180 ****
--- 175,186 ----
 if (sin->sin_family != AF_INET)
 return (EAFNOSUPPORT);
 #endif
+ /*
+ * Disallow bind if we are in super secure mode and port < 1024
+ */
+ if (sin->sin_family == AF_INET && ntohs(sin->sin_port) < IPPORT_RESERVED
+ && securelevel >= 4)
+ return EPERM;
 if (prison_ip(p, 0, &sin->sin_addr.s_addr))
 return(EINVAL);
 lport = sin->sin_port;

--qMm9M+Fa2AknHoGS--

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
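Review bot: the added check in the in_pcb.c hunk also rejects a wildcard-port bind, because `ntohs(sin->sin_port)` is 0 for a caller that passes sin_port = 0 to let the kernel pick a port, and 0 is `< IPPORT_RESERVED`; at securelevel >= 4 every explicit bind() with port 0 would therefore fail with EPERM even though no reserved port was requested. Suggest excluding port 0 from the test, e.g. `ntohs(sin->sin_port) != 0 && ntohs(sin->sin_port) < IPPORT_RESERVED`, and documenting in the comment that the restriction applies only to explicitly requested ports, since the comment as written ("port < 1024") does not say how the wildcard case is meant to behave. Minor style point: the surrounding code in this function parenthesizes its return values (`return (EAFNOSUPPORT);`, `return(EINVAL);`), so `return EPERM;` should follow the same form.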