On Tue, Jun 29, 2004 at 09:18:33PM +1000, herbert wrote:
> > > Or we can set the disconnected pid to a negative value since POSIX
> > > requires pid_t to be signed. I see that you've reserved everything
> > > between -4096 and 0. So perhaps we can pick -1?
Actually that doesn't quite work. Users are allowed to bind to any
non-zero address including -1. Besides, we already have sock->sk_state
and socket->state which are perfect for this.

So here is a patch to disallow sending unicast messages to connected
sockets from addresses other than the one that it is connected to.

I've tested it with a locally patched Openswan and it works as
intended by stopping me from sending bogus messages to it and
still allowing kernel messages to go through.

Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
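
A user-space C model of the check described in the message above, added here as an illustration; it is not the patch posted to the list and not kernel code. It shows a connected socket accepting unicast only from its peer, with the decision keyed on a state field rather than a reserved pid value. All names (`model_sock`, `model_unicast`), the socket table and the `-ECONNREFUSED` return value are assumptions.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* User-space model only: every name here is illustrative, not kernel code. */
enum model_state { MODEL_UNCONNECTED, MODEL_CONNECTED };

struct model_sock {
    uint32_t pid;           /* bound address; users may pick any non-zero value */
    uint32_t dst_pid;       /* peer address, meaningful only when connected */
    enum model_state state; /* stands in for sk_state / socket->state */
};

/* Constructed socket table (pid 0 is the kernel and needs no entry here). */
static struct model_sock model_tbl[] = {
    { 1000, 0,          MODEL_CONNECTED   }, /* daemon connected to the kernel */
    { 2000, 0,          MODEL_UNCONNECTED }, /* dst_pid 0 here means "unset" */
    { 4000, UINT32_MAX, MODEL_CONNECTED   }, /* peer legitimately bound to -1 */
};
#define MODEL_N (sizeof(model_tbl) / sizeof(model_tbl[0]))

static struct model_sock *model_lookup(uint32_t pid)
{
    for (size_t i = 0; i < MODEL_N; i++)
        if (model_tbl[i].pid == pid)
            return &model_tbl[i];
    return NULL;
}

/* Returns 0 if a unicast from src_pid may be queued on the socket at dst_pid. */
static int model_unicast(uint32_t src_pid, uint32_t dst_pid)
{
    struct model_sock *dst = model_lookup(dst_pid);

    if (dst == NULL)
        return -ECONNREFUSED;               /* assumed error code */
    /* The test is on state, not on a sentinel dst_pid: -1 is a valid peer,
     * and an unconnected socket's dst_pid of 0 must not read as "kernel". */
    if (dst->state == MODEL_CONNECTED && dst->dst_pid != src_pid)
        return -ECONNREFUSED;               /* assumed error code */
    return 0;
}

int main(void)
{
    printf("kernel -> 1000: %d\n", model_unicast(0, 1000));
    printf("3000   -> 1000: %d\n", model_unicast(3000, 1000));
    return 0;
}
```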