jimzah/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src.git synced 2024-12-03 21:18:59 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Teach route(8) how to deal with root being in a prison. If prison

Browse Source 
root is allowed to create raw sockets, then they will be able to create
routing sockets, too.  However prison-root is not able to manipulate
routing tables.  So when route(8) attempts to write to a routing
socket and recieves EPERM from the kernel, exit rather than moving
on with execution.

Approved by:    bmilekic (mentor)
This commit is contained in:
Christian S.J. Peron 2004-05-07 15:33:17 +00:00
parent 912467dc98
commit 9251dd77ca
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=129034
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sbin/route/route.c
View File

@ -273,6 +273,8 @@ retry:
rtm->rtm_type = RTM_DELETE;
rtm->rtm_seq = seqno;
rlen = write(s, next, rtm->rtm_msglen);
if (rlen < 0 && errno == EPERM)
err(1, "write to routing socket");
if (rlen < (int)rtm->rtm_msglen) {
warn("write to routing socket");
(void) printf("got only %d for rlen\n", rlen);
@ -1223,6 +1225,8 @@ rtmsg(cmd, flags)
if (debugonly)
return (0);
if ((rlen = write(s, (char *)&m_rtmsg, l)) < 0) {
if (errno == EPERM)
err(1, "writing to routing socket");
warn("writing to routing socket");
return (-1);
}