summaryrefslogtreecommitdiffstats
path: root/sys/net/rtsock.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/net/rtsock.c')
-rw-r--r--sys/net/rtsock.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c
index c4eebf7..c13f4ec 100644
--- a/sys/net/rtsock.c
+++ b/sys/net/rtsock.c
@@ -36,6 +36,7 @@
#include <sys/jail.h>
#include <sys/malloc.h>
#include <sys/mbuf.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/protosw.h>
#include <sys/signalvar.h>
@@ -372,8 +373,11 @@ route_output(struct mbuf *m, struct socket *so)
* Verify that the caller has the appropriate privilege; RTM_GET
* is the only operation the non-superuser is allowed.
*/
- if (rtm->rtm_type != RTM_GET && (error = suser(curthread)) != 0)
- senderr(error);
+ if (rtm->rtm_type != RTM_GET) {
+ error = priv_check(curthread, PRIV_NET_ROUTE);
+ if (error)
+ senderr(error);
+ }
switch (rtm->rtm_type) {
struct rtentry *saved_nrt;
OpenPOWER on IntegriCloud