netdev
[Top] [All Lists]

Re: Check connect address in NETLINK

To: Alexey Kuznetsov <kuznet@xxxxxxxxxxxxx>
Subject: Re: Check connect address in NETLINK
From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 30 Jun 2004 21:27:51 +1000
Cc: "David S. Miller" <davem@xxxxxxxxxx>, netdev@xxxxxxxxxxx
In-reply-to: <20040629111833.GA22880@gondor.apana.org.au>
References: <20040628231439.GA3021@gondor.apana.org.au> <20040629082252.GA26866@ms2.inr.ac.ru> <20040629084552.GA6202@gondor.apana.org.au> <20040629111433.GA28463@ms2.inr.ac.ru> <20040629111833.GA22880@gondor.apana.org.au>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.6+20040523i
On Tue, Jun 29, 2004 at 09:18:33PM +1000, herbert wrote:
> > > Or we can set the disconnected pid to a negative value since POSIX
> > > requires pid_t to be signed.  I see that you've reserved everything
> > > between -4096 and 0.  So perhaps we can pick -1?

Actually that doesn't quite work.  Users are allowed to bind to any
non-zero address including -1.  Besides, we already have sock->sk_state
and socket->state which are perfect for this.

So here is a patch to disallow sending unicast messages to connected
sockets from addresses other than the one that it is connected to.

I've tested it with a locally patched Openswan and it works as
intended by stopping me from sending bogus messages to it and
still allowing kernel messages to go through.

Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email:  Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Attachment: p
Description: Text document

<Prev in Thread] Current Thread [Next in Thread>