authorps <ps@FreeBSD.org>2001-10-05 07:06:32 +0000
committerps <ps@FreeBSD.org>2001-10-05 07:06:32 +0000
commit38383190d52e794a70d2b71ee33fa321e5109e7a (patch)
tree953170eca78713bb41696224e03ab9f195a51086 /sys/kern/uipc_socket.c
parent9f7723d2e481ba58d2544017b5a18c2ce93dca5c (diff)
Only allow users to see their own socket connections if
kern.ipc.showallsockets is set to 0. Submitted by: billf (with modifications by me) Inspired by: Dave McKay (aka pm aka Packet Magnet) Reviewed by: peter MFC after: 2 weeks
Diffstat (limited to 'sys/kern/uipc_socket.c')
-rw-r--r--sys/kern/uipc_socket.c30
1 files changed, 30 insertions, 0 deletions
diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c
index 0b40522..94b6b00 100644
--- a/sys/kern/uipc_socket.c
+++ b/sys/kern/uipc_socket.c
@@ -92,6 +92,10 @@ static int somaxconn = SOMAXCONN;
SYSCTL_INT(_kern_ipc, KIPC_SOMAXCONN, somaxconn, CTLFLAG_RW,
&somaxconn, 0, "Maximum pending socket connection queue size");
+int showallsockets = 1;
+SYSCTL_INT(_kern_ipc, OID_AUTO, showallsockets, CTLFLAG_RW, &showallsockets,
+ 0, "show users all other users pcb data");
+
/*
* Socket operation routines.
* These routines are called by the routines in
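Review bot: The new `showallsockets` knob defaults to 1, so the per-user restriction described in the commit message stays off until an administrator sets `kern.ipc.showallsockets=0`, and the description string "show users all other users pcb data" does not say what either value does. Nothing in this file reads the variable, so the enforcement presumably lives in callers outside this diff and should be confirmed there. I would add a comment above the declaration such as `/* 1 (default): socket listings are not filtered; 0: a user sees only their own sockets */`. If the goal is hardening, it is worth deciding explicitly whether the permissive value should remain the default.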
@@ -1644,3 +1648,29 @@ filt_solisten(struct knote *kn, long hint)
kn->kn_data = so->so_qlen - so->so_incqlen;
return (! TAILQ_EMPTY(&so->so_comp));
}
+
+int
+socheckuid(struct socket *so, uid_t uid)
+{
+
+ if (so == NULL)
+ return (EPERM);
+ if (so->so_cred->cr_uid == uid)
+ return (0);
+ return (EPERM);
+}
+
+int
+socheckproc(struct socket *so, struct proc *p)
+{
+
+ if (p == NULL)
+ return (ESRCH);
+ if (socheckuid(so, p->p_ucred->cr_ruid) == 0)
+ return (0);
+ if (socheckuid(so, p->p_ucred->cr_uid) == 0)
+ return (0);
+ if (!suser_xxx(0, p, PRISON_ROOT))
+ return (0);
+ return (EPERM);
+}
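Review bot: In `socheckproc` the last check passes `PRISON_ROOT` to `suser_xxx`, which as I read it lets root inside a jail pass the test and so see every socket on the host; the uid comparisons in `socheckuid` likewise take no account of which jail a socket belongs to. If that exposure is not intended the call would be `if (!suser_xxx(0, p, 0))`, and if it is intended a comment should say so. Neither function consults `showallsockets`, so callers must gate on it themselves, and both need a header comment stating the contract: 0 means the caller may see the socket, `EPERM` or `ESRCH` otherwise. `socheckuid` also dereferences `so->so_cred` unchecked, which presumably relies on every socket having a credential attached at creation.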