
Commit 64a0c1c8 authored by Ivan Skytte Jorgensen, committed by Sridhar Samudrala

[SCTP] Do not allow unprivileged programs to initiate new associations on privileged ports.

Signed-off-by: Ivan Skytte Jorgensen <isj-sctp@i1.dk>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
parent 96a33998
+26 −0
@@ -1010,6 +1010,19 @@ static int __sctp_connect(struct sock* sk,
					err = -EAGAIN;
					goto out_free;
				}
			} else {
				/*
				 * If an unprivileged user inherits a 1-many 
				 * style socket with open associations on a 
				 * privileged port, it MAY be permitted to 
				 * accept new associations, but it SHOULD NOT 
				 * be permitted to open new associations.
				 */
				if (ep->base.bind_addr.port < PROT_SOCK &&
				    !capable(CAP_NET_BIND_SERVICE)) {
					err = -EACCES;
					goto out_free;
				}
			}

			scope = sctp_scope(&to);
@@ -1515,6 +1528,19 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
				err = -EAGAIN;
				goto out_unlock;
			}
		} else {
			/*
			 * If an unprivileged user inherits a one-to-many
			 * style socket with open associations on a privileged
			 * port, it MAY be permitted to accept new associations,
			 * but it SHOULD NOT be permitted to open new
			 * associations.
			 */
			if (ep->base.bind_addr.port < PROT_SOCK &&
			    !capable(CAP_NET_BIND_SERVICE)) {
				err = -EACCES;
				goto out_unlock;
			}
		}

		scope = sctp_scope(&to);
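Review bot: The privileged-port check added to sctp_sendmsg in this hunk is a line-for-line copy of the one added to __sctp_connect in the first hunk, and the two comments already differ in wording ("1-many" versus "one-to-many"), so the policy is likely to drift the next time one site is touched. Since both sites test the same `ep->base.bind_addr.port < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE)` condition and differ only in the cleanup label, a small static helper that returns 0 or -EACCES would keep the check in one place and let each caller keep its own `goto`. Both enclosing functions begin outside the hunks, so the surrounding `if` that selects this `else` branch and the lock state at this point are inferred from the `out_unlock`/`out_free` labels rather than visible here. The helper and one call site are sketched below; the __sctp_connect site is the same with `goto out_free`.
```c
/*
 * An unprivileged user who inherits a one-to-many style socket with
 * open associations on a privileged port MAY accept new associations
 * but SHOULD NOT open new ones.  Returns 0 if allowed, else -EACCES.
 */
static int sctp_check_priv_port(struct sctp_endpoint *ep)
{
	if (ep->base.bind_addr.port < PROT_SOCK &&
	    !capable(CAP_NET_BIND_SERVICE))
		return -EACCES;
	return 0;
}

/* … unchanged: sctp_sendmsg up to the autobind branch … */
		} else {
			err = sctp_check_priv_port(ep);
			if (err)
				goto out_unlock;
		}
```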