Security fixes. (Just same as sbin/ping and usr.sbin/traceroute)

  -Open socket() at first and then setuid() to actual user.
  -Allow ping6 preload option only for root.

Approved by: jkh

Submitted by: Neil Blakey-Milner <nbm@mithrandr.moria.org>

1 files changed, 9 insertions, 7 deletions

diff --git a/usr.sbin/traceroute6/traceroute6.c b/usr.sbin/traceroute6/traceroute6.c
index b006ac2..65f80e7 100644
--- a/usr.sbin/traceroute6/traceroute6.c
+++ b/usr.sbin/traceroute6/traceroute6.c
@@ -365,6 +365,15 @@ main(argc, argv)
 	static u_char rcvcmsgbuf[CMSG_SPACE(sizeof(struct in6_pktinfo))
 				+ CMSG_SPACE(sizeof(int))];
 
+	/*
+	 * Receive ICMP
+	 */
+	if ((rcvsock = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) < 0) {
+		perror("traceroute6: icmp socket");
+		exit(5);
+	}
+	setuid(getuid());
+
 	on = 1;
 	seq = 0;
 
@@ -482,13 +491,6 @@ main(argc, argv)
 	}
 	(void) bzero((char *)outpacket, datalen);
 
-	/*
-	 * Receive ICMP
-	 */
-	if ((rcvsock = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) < 0) {
-		perror("traceroute6: icmp socket");
-		exit(5);
-	}
 	/* initialize msghdr for receiving packets */
 	rcviov[0].iov_base = (caddr_t)packet;
 	rcviov[0].iov_len = sizeof(packet);