Small credentials fix for net/core/scm.c

Alexander Kjeldaas (astor@guardian.no)
Thu, 23 Apr 1998 02:40:51 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Richard Gooch: "Re: Choice of "XT PIC" in /proc/interrupts"
Previous message: Raul Miller: "Re: [Offtopic] Unicode, kernels, Linux and NT"

The function checked for super-user privileges before normal
privileges so I moved the test to the end for accounting purposes.

--- scm.c Mon Mar 2 21:02:26 1998
+++ scm.c.new Thu Apr 23 02:33:27 1998
@@ -45,18 +45,16 @@

static __inline__ int scm_check_creds(struct ucred *creds)
{
- /* N.B. The test for suser should follow the credential check */
- if (suser())
+ if (creds->pid == current->pid &&
+ (creds->uid == current->uid || creds->uid == current->euid ||
+ creds->uid == current->suid) &&
+ (creds->gid == current->gid || creds->gid == current->egid ||
+ creds->gid == current->sgid))
return 0;
- if (creds->pid != current->pid ||
- (creds->uid != current->uid && creds->uid != current->euid &&
- creds->uid != current->suid) ||
- (creds->gid != current->gid && creds->gid != current->egid &&
- creds->gid != current->sgid))
- return -EPERM;
- return 0;
+ if (capable(CAP_SETUID))
+ return 0;
+ return -EPERM;
}
-

static int scm_fp_copy(struct cmsghdr *cmsg, struct scm_fp_list **fplp)
{

astor

-- Alexander Kjeldaas, Guardian Networks AS, Trondheim, Norway http://www.guardian.no/

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu

Next message: Richard Gooch: "Re: Choice of "XT PIC" in /proc/interrupts"
Previous message: Raul Miller: "Re: [Offtopic] Unicode, kernels, Linux and NT"