CVSROOT: /cvs
Module name: src
Changes by: bl...@cvs.openbsd.org 2019/11/14 11:07:27
Modified files:
sys/dev/ic : Tag: OPENBSD_6_5 an.c
sys/net : Tag: OPENBSD_6_5 if.c if_spppsubr.c
Log message:
Only root is allowed to set the WEP key. Add an suser() check to
enforce this for the an(4) wireless network device.
found by Ilja Van Sprundel; from bluhm@; OK dlg@ deraadt@ mpi@
SIOCDVNETID mutates state, so should only be run by root.
found by Ilja Van Sprundel; from dlg@; OK deraadt@ mpi@ bluhm@
check for privileged bridges ioctls next to the other privileged ioctls.
there's now a bunch of drivers that implement the bridge ioctls,
but they're inconsistent at checking privilege. doing it up front
once means less code duplication, and more consistent application
of the checks.
found by Ilja Van Sprundel; from dlg@; OK bluhm@ deraadt@
unbreak ramdisks
from deraadt@
Non root user must not use ioctl(2) to mess around with the address
of a network interface.
from bluhm@; OK deraadt@ claudio@
Non root users must not set the parameters of pppoe(4) interfaces.
found by Ilja Van Sprundel; from bluhm@; OK deraadt@ dlg@
OpenBSD 6.5 errata 017
