Commit a417016d authored by Jean Tourrilhes's avatar Jean Tourrilhes Committed by John W. Linville
Browse files

[PATCH] wext: Fix IWENCODEEXT security permissions 



	Check the permissions when user-space try to read the
encryption parameters via SIOCGIWENCODEEXT. This is trivial and
probably should go in 2.6.17...
	Bug was found by Brian Eaton <eaton.lists@gmail.com>, thanks !

Signed-off-by: default avatarJean Tourrilhes <jt@hpl.hp.com>
Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
parent 3a1af6ff

net/core/dev.c

+2 −1
Original line number Diff line number Diff line
@@ -2698,7 +2698,8 @@ int dev_ioctl(unsigned int cmd, void __user *arg) 
				/* If command is `set a parameter', or

				 * `get the encoding parameters', check if

				 * the user has the right to do it */

				if (IW_IS_SET(cmd) || cmd == SIOCGIWENCODE) {

				if (IW_IS_SET(cmd) || cmd == SIOCGIWENCODE

				    || cmd == SIOCGIWENCODEEXT) {

					if (!capable(CAP_NET_ADMIN))

						return -EPERM;

				}

CRA Git | Maintained and supported by SUSTech CRA and CCSE