diff options
| author | Casper H.S. Dik <Casper.Dik@Sun.COM> | 2010-01-18 11:49:54 +0100 |
|---|---|---|
| committer | Casper H.S. Dik <Casper.Dik@Sun.COM> | 2010-01-18 11:49:54 +0100 |
| commit | 634e26ec75c89095090605284938356a3145f2b8 (patch) | |
| tree | 411932e9f58f9cef9c79e03e43f36f37d94a1f7e /usr/src/uts/common/inet/tcp/tcp.c | |
| parent | 7e74b1cbfbcc8e275ebbe110d0ef76dcef652727 (diff) | |
| download | illumos-joyent-634e26ec75c89095090605284938356a3145f2b8.tar.gz | |
PSARC 2009/686 Improving the use and debugging of the basic privilege set.
PSARC/2009/685 Basic Network Privilege
6434380 Expanding the basic privilege set in order to restrict network access and IPC
6912229 Multiple applications mishandle privilege operations, particular they ignore the basic set
6915243 dladm mishandles basic privileges
6915244 in.tftpd mishandles privileges operations
6915250 NDMP mishandles basic privileges
6915257 smbd mishandles basic privileges
6915277 login audit mishandles basic privileges
6915284 su audit mishandles basic privileges
6915778 lpd-port mishandles basic privileges
6915782 zlogin mishandles basic privileges
Diffstat (limited to 'usr/src/uts/common/inet/tcp/tcp.c')
| -rw-r--r-- | usr/src/uts/common/inet/tcp/tcp.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/usr/src/uts/common/inet/tcp/tcp.c b/usr/src/uts/common/inet/tcp/tcp.c index e1c1c60dc1..9d956cb7cf 100644 --- a/usr/src/uts/common/inet/tcp/tcp.c +++ b/usr/src/uts/common/inet/tcp/tcp.c @@ -7805,6 +7805,12 @@ tcp_create_common(cred_t *credp, boolean_t isv6, boolean_t issocket, ASSERT(tcps != NULL); } else { netstack_t *ns; + int err; + + if ((err = secpolicy_basic_net_access(credp)) != 0) { + *errorp = err; + return (NULL); + } ns = netstack_find_by_cred(credp); ASSERT(ns != NULL); |