patch-2.1.100 linux/net/ipv4/af_inet.c
Next file: linux/net/ipv4/devinet.c
Previous file: linux/net/ethernet/pe2.c
Back to the patch index
Back to the overall index
- Lines: 37
- Date:
Wed May 6 10:56:07 1998
- Orig file:
v2.1.99/linux/net/ipv4/af_inet.c
- Orig date:
Sat May 2 14:19:55 1998
diff -u --recursive --new-file v2.1.99/linux/net/ipv4/af_inet.c linux/net/ipv4/af_inet.c
@@ -374,7 +374,7 @@
sock->ops = &inet_dgram_ops;
break;
case SOCK_RAW:
- if (!suser())
+ if (!capable(CAP_NET_RAW))
goto free_and_badperm;
if (!protocol)
goto free_and_noproto;
@@ -521,7 +521,7 @@
#endif
if (snum == 0)
snum = sk->prot->good_socknum();
- if (snum < PROT_SOCK && !suser())
+ if (snum < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE))
return(-EACCES);
chk_addr_ret = inet_addr_type(addr->sin_addr.s_addr);
@@ -529,7 +529,7 @@
chk_addr_ret != RTN_MULTICAST && chk_addr_ret != RTN_BROADCAST) {
#ifdef CONFIG_IP_TRANSPARENT_PROXY
/* Superuser may bind to any address to allow transparent proxying. */
- if(chk_addr_ret != RTN_UNICAST || !suser())
+ if(chk_addr_ret != RTN_UNICAST || !capable(CAP_NET_ADMIN))
#endif
return -EADDRNOTAVAIL; /* Source address MUST be ours! */
}
@@ -868,7 +868,8 @@
err = get_user(pid, (int *) arg);
if (err)
return err;
- if (current->pid != pid && current->pgrp != -pid && !suser())
+ if (current->pid != pid && current->pgrp != -pid &&
+ !capable(CAP_NET_ADMIN))
return -EPERM;
sk->proc = pid;
return(0);
FUNET's LINUX-ADM group, linux-adm@nic.funet.fi
TCL-scripts by Sam Shen, slshen@lbl.gov