diff options
| author |   kn <kn@openbsd.org> | 2020-08-19 11:23:59 +0000 |
|---|---|---|
| committer | kn <kn@openbsd.org> | 2020-08-19 11:23:59 +0000 |
| commit | a285515894cd1a4a2b58d1ab4ef99d8218a7877e (patch) | |
| tree | 2fd57f39955fb367620ebd18cd26a92f9216dfbc | |
| parent | Handle EADDRNOAVAIL from connect(2) gracefully (diff) | |
| download | wireguard-openbsd-a285515894cd1a4a2b58d1ab4ef99d8218a7877e.tar.xz wireguard-openbsd-a285515894cd1a4a2b58d1ab4ef99d8218a7877e.zip | |
Allow SIOCSWGDPID and SIOCSWGMAXFLOW ioctls for non-root
ifconfig(8) detects switch(4) through its unique SIOCSWGDPID ioctl(2) and
further does another switch specific ioctl for the default output regardless
of configuration and/or members.
But since these two ioctls are limited to root, running ifconfig as
unprivileged user makes switch interfaces partially appear as bridge devices
because the detection fails, e.g. STP parameters are shown instead of
datapath id and flow parameters.
ifioctl() limits a list of set/write ioctls to root, but these two read-only
ioctls seem to have been listed by mistake, so remove them to omit the root
check and fix "ifconfig switch" output for unprivileged users.
Feedback from dlg
| -rw-r--r-- | sys/net/if.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/sys/net/if.c b/sys/net/if.c index 42f342d7fdf..52b3d78142f 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if.c,v 1.618 2020/08/05 11:07:34 mvs Exp $ */ +/* $OpenBSD: if.c,v 1.619 2020/08/19 11:23:59 kn Exp $ */ /* $NetBSD: if.c,v 1.35 1996/05/07 05:26:04 thorpej Exp $ */ /* @@ -2160,9 +2160,7 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct proc *p) case SIOCBRDGSIFCOST: case SIOCBRDGSTXHC: case SIOCBRDGSPROTO: - case SIOCSWGDPID: case SIOCSWSPORTNO: - case SIOCSWGMAXFLOW: #endif if ((error = suser(p)) != 0) break; |