Date: Tue, 28 Apr 1998 09:22:19 PDT
From: Bill Fenner <fenner@parc.xerox.com>
To: Luigi Rizzo <luigi@labinfo.iet.unipi.it>
Cc: MBONE@isi.edu, multimedia@FreeBSD.ORG
Subject: Re: multiple sdr -- found the problem
Message-ID: <98Apr28.092226pdt.177515@crevenia.parc.xerox.com>
In-Reply-To: Your message of "Mon, 27 Apr 98 23:37:08 PDT." <199804280637.IAA25958@labinfo.iet.unipi.it>

Luigi Rizzo <luigi@labinfo.iet.unipi.it> wrote:
>I can see a reason for checking privileges on a bind -- if multiple
>processes bind to the same port, some unprivileged process might
>steal packet to another, more privileged one -- especially for
>unicast traffic.

Right, but with multicast, the packets are replicated to all
processes bound to the port, so this case doesn't apply.

>I wonder if it affects:
> 1) other systems;

I believe this particular diff came from OpenBSD:

    1.39 Sun Mar 1 19:39:26 1998 UTC by guido
    Make sure that you can only bind a more specific address when it is
    done by the same uid.
    Obtained from: OpenBSD

so OpenBSD is presumably affected in the same way.

Here's a straightforward fix to try.

Bill

Index: in_pcb.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/in_pcb.c,v
retrieving revision 1.43
diff -u -r1.43 in_pcb.c
--- in_pcb.c 1998/04/19 17:22:30 1.43
+++ in_pcb.c 1998/04/28 16:16:17
@@ -197,7 +197,7 @@
if (ntohs(lport) < IPPORT_RESERVED && p &&
suser(p->p_ucred, &p->p_acflag))
return (EACCES);
- if (so->so_uid) {
+ if (so->so_uid && !IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) {
t = in_pcblookup_local(inp->inp_pcbinfo,
sin->sin_addr, lport, INPLOOKUP_WILDCARD);
if (t && (so->so_uid != t->inp_socket->so_uid))
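
Review bot: the new `!IN_MULTICAST(ntohl(sin->sin_addr.s_addr))` term on the `if (so->so_uid ...` line skips the whole uid-ownership lookup without a comment saying why, so a later reader cannot tell that the exemption is deliberate. Add a short comment above the condition stating the assumption it rests on: multicast datagrams are replicated to every socket bound to the port, so a second binder cannot take traffic away from the first. The test also looks only at the address being bound, so a bind to a unicast or wildcard address on the same port still goes through `in_pcblookup_local(..., INPLOOKUP_WILDCARD)` and the `so_uid` comparison; confirm that this is the intended scope, since the description covers only the multicast case.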
