diff options
author | Mark Johnston <markj@FreeBSD.org> | 2021-04-01 13:58:32 +0000 |
---|---|---|
committer | Mark Johnston <markj@FreeBSD.org> | 2021-04-01 14:00:29 +0000 |
commit | b8ae450f05e62a851f444edaf7db2506ff99aa37 (patch) | |
tree | f00ca2079940b1ee68382bea608729b29c6a4f47 | |
parent | 02f26e98c7f4d43d6bd077421286da455e069146 (diff) | |
download | src-b8ae450f05e62a851f444edaf7db2506ff99aa37.tar.gz src-b8ae450f05e62a851f444edaf7db2506ff99aa37.zip |
traceroute6: Fix Capsicum rights for rcvsock
- Always use distinct sockets for send and recv
- Limit rights on the recv socket
For ICMP6 we were using the same socket for both send and receive, and
we limited rights on the socket such that it's impossible to receive
anything.
PR: 254623
Diagnosed by: Zhenlei Huang <zlei.huang@gmail.com>
Reviewed by: oshogbo
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D29523
-rw-r--r-- | usr.sbin/traceroute6/traceroute6.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/usr.sbin/traceroute6/traceroute6.c b/usr.sbin/traceroute6/traceroute6.c index 7663283a6c44..8449a9861302 100644 --- a/usr.sbin/traceroute6/traceroute6.c +++ b/usr.sbin/traceroute6/traceroute6.c @@ -578,8 +578,6 @@ main(int argc, char *argv[]) */ switch (useproto) { case IPPROTO_ICMPV6: - sndsock = rcvsock; - break; case IPPROTO_NONE: case IPPROTO_SCTP: case IPPROTO_TCP: @@ -928,7 +926,6 @@ main(int argc, char *argv[]) * namespaces (e.g filesystem) is restricted (see capsicum(4)). * We must connect(2) our socket before this point. */ - if (caph_enter_casper() < 0) { fprintf(stderr, "caph_enter_casper: %s\n", strerror(errno)); exit(1); @@ -940,6 +937,12 @@ main(int argc, char *argv[]) strerror(errno)); exit(1); } + cap_rights_init(&rights, CAP_RECV); + if (caph_rights_limit(rcvsock, &rights) < 0) { + fprintf(stderr, "caph_rights_limit rcvsock: %s\n", + strerror(errno)); + exit(1); + } /* * Main loop |