From 823d828036dcc0c73682377a119e160758282ac6 Mon Sep 17 00:00:00 2001
From: rwatson <rwatson@FreeBSD.org>
Date: Wed, 26 Sep 2001 19:58:29 +0000
Subject: o Modify IPFW and DUMMYNET administrative setsockopt() calls to use  
 securelevel_gt() to check the securelevel, rather than direct access   to the
 securelevel variable.

Obtained from:	TrustedBSD Project
---
 sys/netinet/ip_dummynet.c |  7 +++++--
 sys/netinet/ip_fw.c       | 11 ++++++++---
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/sys/netinet/ip_dummynet.c b/sys/netinet/ip_dummynet.c
index 8f69866..b46be2e 100644
--- a/sys/netinet/ip_dummynet.c
+++ b/sys/netinet/ip_dummynet.c
@@ -1817,8 +1817,11 @@ ip_dn_ctl(struct sockopt *sopt)
     struct dn_pipe *p, tmp_pipe;
 
     /* Disallow sets in really-really secure mode. */
-    if (sopt->sopt_dir == SOPT_SET && securelevel >= 3)
-	return (EPERM);
+    if (sopt->sopt_dir == SOPT_SET) {
+	error =  securelevel_ge(sopt->sopt_td->td_proc->p_ucred, 3);
+	if (error)
+	    return (error);
+    }
 
     switch (sopt->sopt_name) {
     default :
diff --git a/sys/netinet/ip_fw.c b/sys/netinet/ip_fw.c
index 1be4bf5..cb21e56 100644
--- a/sys/netinet/ip_fw.c
+++ b/sys/netinet/ip_fw.c
@@ -38,6 +38,7 @@
 #include <sys/malloc.h>
 #include <sys/mbuf.h>
 #include <sys/kernel.h>
+#include <sys/proc.h>
 #include <sys/socket.h>
 #include <sys/socketvar.h>
 #include <sys/sysctl.h>
@@ -1863,9 +1864,13 @@ ip_fw_ctl(struct sockopt *sopt)
 	 * Disallow modifications in really-really secure mode, but still allow
 	 * the logging counters to be reset.
 	 */
-	if (securelevel >= 3 && (sopt->sopt_name == IP_FW_ADD ||
-	    (sopt->sopt_dir == SOPT_SET && sopt->sopt_name != IP_FW_RESETLOG)))
-			return (EPERM);
+	if (sopt->sopt_name == IP_FW_ADD ||
+	    (sopt->sopt_dir == SOPT_SET && sopt->sopt_name != IP_FW_RESETLOG)) {
+		error = securelevel_ge(sopt->sopt_td->td_proc->p_ucred, 3);
+		if (error)
+			return (error);
+	}
+
 	error = 0;
 
 	switch (sopt->sopt_name) {
-- 
cgit v1.1