aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Pecovnik <mike.pecovnik@gmail.com>2014-02-24 21:11:16 +0100
committerMoyster <oysterized@gmail.com>2019-05-03 18:54:26 +0200
commit35bbd572fe8f5cbdae2208968c68f6a9177f9fcd (patch)
tree02d3d23f849ff48ff7e50982083a54e52c24e7aa
parent1b52f3748f5b3b1f3debffac9fdb045080e878d6 (diff)
net: Fix permission check in netlink_connect()
netlink_sendmsg() was changed to prevent non-root processes from sending messages with dst_pid != 0. netlink_connect() however still only checks if nladdr->nl_groups is set. This patch modifies netlink_connect() to check for the same condition. Change-Id: I3179755947077de1d2a92a7573fbdac65314e6dc Signed-off-by: Mike Pecovnik <mike.pecovnik@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat
-rw-r--r--net/netlink/af_netlink.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 3af92c267..ceff60bde 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -1398,8 +1398,8 @@ static int netlink_connect(struct socket *sock, struct sockaddr *addr,
if (addr->sa_family != AF_NETLINK)
return -EINVAL;
- /* Only superuser is allowed to send multicasts */
- if (nladdr->nl_groups && !netlink_allowed(sock, NL_CFG_F_NONROOT_SEND))
+ if ((nladdr->nl_groups || nladdr->nl_pid) &&
+ !netlink_allowed(sock, NL_CFG_F_NONROOT_SEND))
return -EPERM;
if (!nlk->portid)
generated by cgit v1.2.3 (git 2.39.1) at 2026-03-14 15:02:15 +0000