- Use suser_cred(9) instead of directly checking cr_uid.

- Change the order of conditions to first verify that we actually need to check for privileges and then eventually check them. Reviewed by: rwatson
author: pjd <pjd@FreeBSD.org> 2006-06-27 11:35:53 +0000
committer: pjd <pjd@FreeBSD.org> 2006-06-27 11:35:53 +0000
commit: 7f09680f0c87e3fa5b79fafb2016eb337dd35779 (patch)
tree: a0df08bb1fe778e4df12a8e3d98c6ee7b968e52c /sys/netinet/in_pcb.c
parent: 97382ba992b2246952e73a36460bcdfbb32f1c02 (diff)
download: FreeBSD-src-7f09680f0c87e3fa5b79fafb2016eb337dd35779.zip
FreeBSD-src-7f09680f0c87e3fa5b79fafb2016eb337dd35779.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c
index 83b9407..317be67 100644
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c
@@ -331,8 +331,8 @@ in_pcbbind_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp,
 				return (EACCES);
 			if (jailed(cred))
 				prison = 1;
-			if (so->so_cred->cr_uid != 0 &&
-			    !IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) {
+			if (!IN_MULTICAST(ntohl(sin->sin_addr.s_addr)) &&
+			    suser_cred(so->so_cred, SUSER_ALLOWJAIL) != 0) {
 				t = in_pcblookup_local(inp->inp_pcbinfo,
 				    sin->sin_addr, lport,
 				    prison ? 0 :  INPLOOKUP_WILDCARD);
author	pjd <pjd@FreeBSD.org>	2006-06-27 11:35:53 +0000
committer	pjd <pjd@FreeBSD.org>	2006-06-27 11:35:53 +0000
commit	7f09680f0c87e3fa5b79fafb2016eb337dd35779 (patch)
tree	a0df08bb1fe778e4df12a8e3d98c6ee7b968e52c /sys/netinet/in_pcb.c
parent	97382ba992b2246952e73a36460bcdfbb32f1c02 (diff)
download	FreeBSD-src-7f09680f0c87e3fa5b79fafb2016eb337dd35779.zip FreeBSD-src-7f09680f0c87e3fa5b79fafb2016eb337dd35779.tar.gz