kernel: deny swconfig set requests for unprivileged users
The swconfig kernel infrastructure fails to do any permissions checks when changing settings. As such an ordinary user account on a device with a switch can change switch settings without any special permissions. Routers generally have few non-admin users so this isn't a big hole, but it is a security hole. Likely the greatest danger is for multifunction devices which have a lot of extra daemons, compromising a low-security daemon would allow one to modify switch settings and cause the router/switch to appear to lock-up (or cause other sorts of troublesome nyetwork behavior). Implement a check for CAP_NET_ADMIN in swconfig_set_attr() and deny any requests originating from user contexts lacking this capability. Reported-by: Elliott Mitchell <ehem+openwrt@m5p.com> Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This commit is contained in:
Jo-Philipp Wich
parent
dd182011e1
commit
442db0d6d8
@ -635,6 +635,9 @@ swconfig_set_attr(struct sk_buff *skb, struct genl_info *info)
|
|||||||
struct switch_val val;
|
struct switch_val val;
|
||||||
int err = -EINVAL;
|
int err = -EINVAL;
|
||||||
|
|
||||||
|
if (!capable(CAP_NET_ADMIN))
|
||||||
|
return -EPERM;
|
||||||
|
|
||||||
dev = swconfig_get_dev(info);
|
dev = swconfig_get_dev(info);
|
||||||
if (!dev)
|
if (!dev)
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user