[PATCH] wext: Fix IWENCODEEXT security permissions
authorJean Tourrilhes <jt@hpl.hp.com>
Tue, 4 Apr 2006 22:53:43 +0000 (15:53 -0700)
committerJohn W. Linville <linville@tuxdriver.com>
Wed, 19 Apr 2006 21:25:38 +0000 (17:25 -0400)
Check the permissions when user-space try to read the
encryption parameters via SIOCGIWENCODEEXT. This is trivial and
probably should go in 2.6.17...
Bug was found by Brian Eaton <eaton.lists@gmail.com>, thanks !

Signed-off-by: Jean Tourrilhes <jt@hpl.hp.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
net/core/dev.c

index 83231a27ae028caa5c0757d35c9d107220e8711e..3bad1afc89fa48b505c001a24da094de18f14cab 100644 (file)
@@ -2698,7 +2698,8 @@ int dev_ioctl(unsigned int cmd, void __user *arg)
                                /* If command is `set a parameter', or
                                 * `get the encoding parameters', check if
                                 * the user has the right to do it */
-                               if (IW_IS_SET(cmd) || cmd == SIOCGIWENCODE) {
+                               if (IW_IS_SET(cmd) || cmd == SIOCGIWENCODE
+                                   || cmd == SIOCGIWENCODEEXT) {
                                        if (!capable(CAP_NET_ADMIN))
                                                return -EPERM;
                                }