diff options
author | pwernau <none@none> | 2006-07-24 13:05:14 -0700 |
---|---|---|
committer | pwernau <none@none> | 2006-07-24 13:05:14 -0700 |
commit | 1d76fceaaa9387aa83875cdb57678c1edcf4696d (patch) | |
tree | f53e3259351f3f38a36900880e6a3ac8b6f95378 | |
parent | b4a51ac199bca44f346001c5a5b4555894ca63b2 (diff) | |
download | illumos-gate-1d76fceaaa9387aa83875cdb57678c1edcf4696d.tar.gz |
6425832 IP_NEXTHOP socket option has incomplete cred check
-rw-r--r-- | usr/src/uts/common/inet/ip/ip.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/usr/src/uts/common/inet/ip/ip.c b/usr/src/uts/common/inet/ip/ip.c index 64a53a1ea4..51b0b97786 100644 --- a/usr/src/uts/common/inet/ip/ip.c +++ b/usr/src/uts/common/inet/ip/ip.c @@ -10090,6 +10090,9 @@ ip_opt_set(queue_t *q, uint_t optset_context, int level, int name, case IPPROTO_IP: switch (name) { case IP_NEXTHOP: + if (secpolicy_net_config(cr, B_FALSE) != 0) + return (EPERM); + /* FALLTHRU */ case IP_MULTICAST_IF: case IP_DONTFAILOVER_IF: { ipaddr_t addr = *i1; |