diff options
author | ps <ps@FreeBSD.org> | 2001-10-05 07:06:32 +0000 |
---|---|---|
committer | ps <ps@FreeBSD.org> | 2001-10-05 07:06:32 +0000 |
commit | 38383190d52e794a70d2b71ee33fa321e5109e7a (patch) | |
tree | 953170eca78713bb41696224e03ab9f195a51086 /sys/netinet/ip_fw.c | |
parent | 9f7723d2e481ba58d2544017b5a18c2ce93dca5c (diff) | |
download | FreeBSD-src-38383190d52e794a70d2b71ee33fa321e5109e7a.zip FreeBSD-src-38383190d52e794a70d2b71ee33fa321e5109e7a.tar.gz |
Only allow users to see their own socket connections if
kern.ipc.showallsockets is set to 0.
Submitted by: billf (with modifications by me)
Inspired by: Dave McKay (aka pm aka Packet Magnet)
Reviewed by: peter
MFC after: 2 weeks
Diffstat (limited to 'sys/netinet/ip_fw.c')
-rw-r--r-- | sys/netinet/ip_fw.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/sys/netinet/ip_fw.c b/sys/netinet/ip_fw.c index fbd2e90..320672c 100644 --- a/sys/netinet/ip_fw.c +++ b/sys/netinet/ip_fw.c @@ -1346,8 +1346,7 @@ again: if (P && P->inp_socket) { if (f->fw_flg & IP_FW_F_UID) { - if (P->inp_socket->so_cred->cr_uid != - f->fw_uid) + if (socheckuid(P->inp_socket, f->fw_uid)) continue; } else if (!groupmember(f->fw_gid, P->inp_socket->so_cred)) @@ -1375,8 +1374,7 @@ again: if (P && P->inp_socket) { if (f->fw_flg & IP_FW_F_UID) { - if (P->inp_socket->so_cred->cr_uid != - f->fw_uid) + if (socheckuid(P->inp_socket, f->fw_uid)) continue; } else if (!groupmember(f->fw_gid, P->inp_socket->so_cred)) |