diff options
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/in_pcb.c | 4 | ||||
-rw-r--r-- | sys/netinet/raw_ip.c | 2 | ||||
-rw-r--r-- | sys/netinet/tcp_subr.c | 4 | ||||
-rw-r--r-- | sys/netinet/tcp_timewait.c | 4 | ||||
-rw-r--r-- | sys/netinet/udp_usrreq.c | 2 |
5 files changed, 8 insertions, 8 deletions
diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index 26076b9..9f40419 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -321,7 +321,7 @@ in_pcbbind_setup(inp, nam, laddrp, lportp, cred) /* GROSS */ if (ntohs(lport) <= ipport_reservedhigh && ntohs(lport) >= ipport_reservedlow && - suser_cred(cred, PRISON_ROOT)) + suser_cred(cred, SUSER_ALLOWJAIL)) return (EACCES); if (jailed(cred)) prison = 1; @@ -392,7 +392,7 @@ in_pcbbind_setup(inp, nam, laddrp, lportp, cred) last = ipport_hilastauto; lastport = &pcbinfo->lasthi; } else if (inp->inp_flags & INP_LOWPORT) { - if ((error = suser_cred(cred, PRISON_ROOT)) != 0) + if ((error = suser_cred(cred, SUSER_ALLOWJAIL)) != 0) return error; first = ipport_lowfirstauto; /* 1023 */ last = ipport_lowlastauto; /* 600 */ diff --git a/sys/netinet/raw_ip.c b/sys/netinet/raw_ip.c index ade4920..6b854c0 100644 --- a/sys/netinet/raw_ip.c +++ b/sys/netinet/raw_ip.c @@ -557,7 +557,7 @@ rip_attach(struct socket *so, int proto, struct thread *td) INP_INFO_WUNLOCK(&ripcbinfo); return (EPERM); } - if (td && (error = suser_cred(td->td_ucred, PRISON_ROOT)) != 0) { + if (td && (error = suser_cred(td->td_ucred, SUSER_ALLOWJAIL)) != 0) { INP_INFO_WUNLOCK(&ripcbinfo); return error; } diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c index 9c9ac7f..2064df6 100644 --- a/sys/netinet/tcp_subr.c +++ b/sys/netinet/tcp_subr.c @@ -996,7 +996,7 @@ tcp_getcred(SYSCTL_HANDLER_ARGS) struct inpcb *inp; int error, s; - error = suser_cred(req->td->td_ucred, PRISON_ROOT); + error = suser_cred(req->td->td_ucred, SUSER_ALLOWJAIL); if (error) return (error); error = SYSCTL_IN(req, addrs, sizeof(addrs)); @@ -1042,7 +1042,7 @@ tcp6_getcred(SYSCTL_HANDLER_ARGS) struct inpcb *inp; int error, s, mapped = 0; - error = suser_cred(req->td->td_ucred, PRISON_ROOT); + error = suser_cred(req->td->td_ucred, SUSER_ALLOWJAIL); if (error) return (error); error = SYSCTL_IN(req, addrs, sizeof(addrs)); diff --git a/sys/netinet/tcp_timewait.c b/sys/netinet/tcp_timewait.c index 9c9ac7f..2064df6 100644 --- a/sys/netinet/tcp_timewait.c +++ b/sys/netinet/tcp_timewait.c @@ -996,7 +996,7 @@ tcp_getcred(SYSCTL_HANDLER_ARGS) struct inpcb *inp; int error, s; - error = suser_cred(req->td->td_ucred, PRISON_ROOT); + error = suser_cred(req->td->td_ucred, SUSER_ALLOWJAIL); if (error) return (error); error = SYSCTL_IN(req, addrs, sizeof(addrs)); @@ -1042,7 +1042,7 @@ tcp6_getcred(SYSCTL_HANDLER_ARGS) struct inpcb *inp; int error, s, mapped = 0; - error = suser_cred(req->td->td_ucred, PRISON_ROOT); + error = suser_cred(req->td->td_ucred, SUSER_ALLOWJAIL); if (error) return (error); error = SYSCTL_IN(req, addrs, sizeof(addrs)); diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index 0997f9a..fc146d4 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -684,7 +684,7 @@ udp_getcred(SYSCTL_HANDLER_ARGS) struct inpcb *inp; int error, s; - error = suser_cred(req->td->td_ucred, PRISON_ROOT); + error = suser_cred(req->td->td_ucred, SUSER_ALLOWJAIL); if (error) return (error); error = SYSCTL_IN(req, addrs, sizeof(addrs)); |