Date: Tue, 28 Apr 1998 09:22:19 PDT
From: Bill Fenner <fenner@parc.xerox.com>
To: Luigi Rizzo <luigi@labinfo.iet.unipi.it>
Cc: MBONE@isi.edu, multimedia@FreeBSD.ORG
Subject: Re: multiple sdr -- found the problem
Message-ID: <98Apr28.092226pdt.177515@crevenia.parc.xerox.com>
In-Reply-To: Your message of "Mon, 27 Apr 98 23:37:08 PDT." <199804280637.IAA25958@labinfo.iet.unipi.it>

Luigi Rizzo <luigi@labinfo.iet.unipi.it> wrote:
>I can see a reason for checking privileges on a bind -- if multiple
>processes bind to the same port, some unprivileged process might
>steal packet to another, more privileged one -- especially for
>unicast traffic.

Right, but with multicast, the packets are replicated to all processes
bound to the port, so this case doesn't apply.

>I wonder if it affects:
> 1) other systems;

I believe this particular diff came from OpenBSD:

1.39 Sun Mar 1 19:39:26 1998 UTC by guido
Make sure that you can only bind a more specific address when it is
done by the same uid.
Obtained from: OpenBSD

so OpenBSD is presumably affected in the same way.

Here's a straightforward fix to try.

  Bill

Index: in_pcb.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/in_pcb.c,v retrieving revision 1.43 diff -u -r1.43 in_pcb.c --- in_pcb.c 1998/04/19 17:22:30 1.43 +++ in_pcb.c 1998/04/28 16:16:17 @@ -197,7 +197,7 @@ if (ntohs(lport) < IPPORT_RESERVED && p && suser(p->p_ucred, &p->p_acflag)) return (EACCES); - if (so->so_uid) { + if (so->so_uid && !IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) { t = in_pcblookup_local(inp->inp_pcbinfo, sin->sin_addr, lport, INPLOOKUP_WILDCARD); if (t && (so->so_uid != t->inp_socket->so_uid))

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-multimedia" in the body of the message
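
Review bot: the added `!IN_MULTICAST(ntohl(sin->sin_addr.s_addr))` test in the `if (so->so_uid ...)` condition exempts only binds whose local address is itself a multicast group. A non-root socket that binds the wildcard address and joins the group afterwards still reaches the `in_pcblookup_local(..., INPLOOKUP_WILDCARD)` lookup and the `so_uid` comparison, so it is worth confirming which address sdr actually passes to bind before treating this as a complete fix. The condition also needs a short comment stating why multicast is exempt (datagrams are replicated to every socket bound to the port, so a second binder cannot take traffic away from the first); at present that reasoning lives only in the accompanying message.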