From: Jean Tourrilhes Date: Tue, 4 Apr 2006 22:53:43 +0000 (-0700) Subject: [PATCH] wext: Fix IWENCODEEXT security permissions X-Git-Tag: v2.6.17-rc3~57^2^2~16 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a417016d1a07e6df0621dbb2926da82642eca823;p=linux-2.6 [PATCH] wext: Fix IWENCODEEXT security permissions Check the permissions when user-space try to read the encryption parameters via SIOCGIWENCODEEXT. This is trivial and probably should go in 2.6.17... Bug was found by Brian Eaton , thanks ! Signed-off-by: Jean Tourrilhes Signed-off-by: John W. Linville --- diff --git a/net/core/dev.c b/net/core/dev.c index 83231a27ae..3bad1afc89 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -2698,7 +2698,8 @@ int dev_ioctl(unsigned int cmd, void __user *arg) /* If command is `set a parameter', or * `get the encoding parameters', check if * the user has the right to do it */ - if (IW_IS_SET(cmd) || cmd == SIOCGIWENCODE) { + if (IW_IS_SET(cmd) || cmd == SIOCGIWENCODE + || cmd == SIOCGIWENCODEEXT) { if (!capable(CAP_NET_ADMIN)) return -EPERM; }