ip6_forward() has the following two lines:
if (ipv6_devconf.forwarding == 0 && opt->srcrt == 0)
goto error;
Aside from the other issue of per-interface forwarding :-), this appears to
allow
forwarding of source-routed packets even when the node is a host, only. That
seems to be a security hole to me. Suppose you have a multihomed host, or
in a different world, a router with per-interface routing and forwarding turned
off
on the input interface. If that host has routing to networks that some other
machine
can't reach, a bad guy can simply source-route through the privileged host where
normal routing would fail. (it appears)
Is there something else that would prohibit this? Is it intentional? I was
thinking this should be just
if (ipv6_devconf.forwarding == 0)
goto error;
[only forward packets, source-routed or not, if forwarding is on]
or (better :-)) something like
in_idev = in6_dev_get(skb->dev);
if (!in_idev)
goto error;
forwarding = in_idev->cnf.forwarding;
in6_dev_put(in_idev);
if (!forwarding)
goto error;
[only forward packets if the input device's forwarding flag is on]
+-DLS
|