Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit cdaadb47 authored by Hugo Benichi's avatar Hugo Benichi Committed by Bowgo Tsai
Browse files

Ensure icmp redirects are always ignored 

A side effect of disabling the ip forwarding sysconf on all
interfaces is to re-enable the ICMP redirects sysconf on all
interfaces.

This patch ensures that ICMP redirects stays turned off when disabling
ip forwarding in TetherController.

Accepting ICMP redirects can allow an attacker to inject malicious
routes into a host and it is therefore desirable to always reject them.

Bug: 62387578
Bug: 77541904
Test: manual
Change-Id: I1f9a950eebf2f65d047f33145feee40d3ab34bd9
(cherry picked from commit c4b3a0c6)
parent 412a7e50
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment