[PATCH] wext: Fix RtNetlink ENCODE security permissions

I've just realised that the RtNetlink code does not check the permission for SIOCGIWENCODE and SIOCGIWENCODEEXT, which means that any user can read the encryption keys. The fix is trivial and should go in 2.6.17 alonside the two other patch I sent you last week. Signed-off-by: Jean Tourrilhes <jt@hpl.hp.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
author: Jean Tourrilhes <jt@hpl.hp.com> 2006-04-14 10:47:26 -0700
committer: John W. Linville <linville@tuxdriver.com> 2006-04-19 17:25:41 -0400
commit: 848ef8555296f25d9226d3bc43ce4028835ed633 (patch)
tree: 3db10d298e8c4cfe005b719552ac378685ab5c1a /net/core/wireless.c
parent: a392149ee14d1631d8632060c1fc3082729f83c8 (diff)
download: op-kernel-dev-848ef8555296f25d9226d3bc43ce4028835ed633.zip
op-kernel-dev-848ef8555296f25d9226d3bc43ce4028835ed633.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/net/core/wireless.c b/net/core/wireless.c
index 81d6995..d2bc72d 100644
--- a/net/core/wireless.c
+++ b/net/core/wireless.c
@@ -1726,6 +1726,14 @@ int wireless_rtnetlink_get(struct net_device *	dev,
 	if(!IW_IS_GET(request->cmd))
 		return -EOPNOTSUPP;
 
+	/* If command is `get the encoding parameters', check if
+	 * the user has the right to do it */
+	if (request->cmd == SIOCGIWENCODE ||
+	    request->cmd == SIOCGIWENCODEEXT) {
+		if (!capable(CAP_NET_ADMIN))
+			return -EPERM;
+	}
+
 	/* Special cases */
 	if(request->cmd == SIOCGIWSTATS)
 		/* Get Wireless Stats */
author	Jean Tourrilhes <jt@hpl.hp.com>	2006-04-14 10:47:26 -0700
committer	John W. Linville <linville@tuxdriver.com>	2006-04-19 17:25:41 -0400
commit	848ef8555296f25d9226d3bc43ce4028835ed633 (patch)
tree	3db10d298e8c4cfe005b719552ac378685ab5c1a /net/core/wireless.c
parent	a392149ee14d1631d8632060c1fc3082729f83c8 (diff)
download	op-kernel-dev-848ef8555296f25d9226d3bc43ce4028835ed633.zip op-kernel-dev-848ef8555296f25d9226d3bc43ce4028835ed633.tar.gz