lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1605053.5clz4a2OYL@netadmin.sopron.nyme.hu>
Date:	Wed, 28 Mar 2012 11:17:14 +0200
From:	Németh Tamás <nt1277@...il.com>
To:	linux-kernel@...r.kernel.org
Subject: Netlink and raw packet inconsistencies or obsolete man pages?

man 7 netlink states that:

"Only processes with an effective UID of 0 or the CAP_NET_ADMIN capability may 
send or listen to a netlink multicast group."

In addition man 7 capabilities states that:

"CAP_NET_RAW
	Use RAW and PACKET sockets."

Despite these statements I was able to run the followinng code without getting 
any access denied type error messages:

################################
#include <sys/types.h>
#include <sys/socket.h>
#include <linux/netlink.h>
#include <unistd.h>

int filedes;
struct sockaddr_nl nladdr={AF_NETLINK,0,0,0};

int main(int argc, char *argv[], char *envp[])
{
        nladdr.nl_pid=getpid();
        filedes=socket(AF_NETLINK, SOCK_RAW, NETLINK_KOBJECT_UEVENT);
        bind(filedes,(struct sockaddr*)&nladdr,sizeof(nladdr));
        close(filedes);
}
################################

 Sorry for not testing if I can actually send or receive raw multicast netlink 
packages, this is because I'm not a programmer actually. The code above could 
be run without any problem on openSUSE 12.1's tandard kernel and on a vanilla 
2.6.32.49. Is it a bug or is it intentional (and then man pages are outdated)? 
In the latter case what does protect the udev subsystem. for example?

Regards,

Tamas Nemeth
IT sysadmin
University of West Hungary
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ