[PATCH] wext: Fix RtNetlink ENCODE security permissions

I've just realised that the RtNetlink code does not check the permission for SIOCGIWENCODE and SIOCGIWENCODEEXT, which means that any user can read the encryption keys. The fix is trivial and should go in 2.6.17 alonside the two other patch I sent you last week. Signed-off-by: Jean Tourrilhes <jt@hpl.hp.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>

[PATCH] wext: Fix RtNetlink ENCODE security permissions
I've just realised that the RtNetlink code does not check the permission for SIOCGIWENCODE and SIOCGIWENCODEEXT, which means that any user can read the encryption keys. The fix is trivial and should go in 2.6.17 alonside the two other patch I sent you last week. Signed-off-by: Jean Tourrilhes <jt@hpl.hp.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
848ef855 · Jean Tourrilhes · John W. Linville · a392149e · 848ef855
Commit 848ef855 authored Apr 14, 2006 by Jean Tourrilhes Committed by John W. Linville Apr 19, 2006
Show whitespace changes
Inline Side-by-side

Showing with 8 additions and 0 deletions

net/core/wireless.c net/core/wireless.c +8 -0

No files found.
--- a/net/core/wireless.c
+++ b/net/core/wireless.c
@@ -1726,6 +1726,14 @@ int wireless_rtnetlink_get(struct net_device *	dev,
 	if(!IW_IS_GET(request->cmd))
 		return -EOPNOTSUPP;

+	/* If command is `get the encoding parameters', check if
+	 * the user has the right to do it */
+	if (request->cmd == SIOCGIWENCODE ||
+	    request->cmd == SIOCGIWENCODEEXT) {
+		if (!capable(CAP_NET_ADMIN))
+			return -EPERM;
+	}
+
 	/* Special cases */
 	if(request->cmd == SIOCGIWSTATS)
 		/* Get Wireless Stats */