diff options
| author |   bluhm <bluhm@openbsd.org> | 2019-11-07 11:55:02 +0000 |
|---|---|---|
| committer | bluhm <bluhm@openbsd.org> | 2019-11-07 11:55:02 +0000 |
| commit | a5ad957cf6fe6ab2e08547531610e02b171e5cee (patch) | |
| tree | 697355cf4ae6d6932bb648474f5657594546fd22 | |
| parent | remove the detach and linkstate hooks when the parent is going away. (diff) | |
| download | wireguard-openbsd-a5ad957cf6fe6ab2e08547531610e02b171e5cee.tar.xz wireguard-openbsd-a5ad957cf6fe6ab2e08547531610e02b171e5cee.zip | |
Only root is allowed to set the WEP key. Add an suser() check to
enforce this for the an(4) wireless network device.
found by Ilja Van Sprundel; OK dlg@ deraadt@ mpi@
| -rw-r--r-- | sys/dev/ic/an.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/sys/dev/ic/an.c b/sys/dev/ic/an.c index d3b9ada242c..54da66085ad 100644 --- a/sys/dev/ic/an.c +++ b/sys/dev/ic/an.c @@ -1,4 +1,4 @@ -/* $OpenBSD: an.c,v 1.73 2018/02/19 08:59:52 mpi Exp $ */ +/* $OpenBSD: an.c,v 1.74 2019/11/07 11:55:02 bluhm Exp $ */ /* $NetBSD: an.c,v 1.34 2005/06/20 02:49:18 atatat Exp $ */ /* * Copyright (c) 1997, 1998, 1999 @@ -902,6 +902,8 @@ an_ioctl(struct ifnet *ifp, u_long command, caddr_t data) error = 0; break; case SIOCS80211NWKEY: + if ((error = suser(curproc)) != 0) + break; error = an_set_nwkey(sc, (struct ieee80211_nwkey *)data); break; case SIOCG80211NWKEY: |