| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <29f9ee1d-7ad4-b4df-7202-35c66893cc16@landley.net>
Date: Mon, 30 Oct 2017 22:39:25 -0500
From: Rob Landley <rob@...dley.net>
To: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
davem@...emloft.net, kuznet@....inr.ac.ru, ebiederm@...ssion.com,
xiyou.wangcong@...il.com, yoshfuji@...ux-ipv6.org,
segoon@...nwall.com
Subject: [PATCH 1/1] Change ping_group_range default to what Android's init
script sets.
From: Rob Landley <rob@...dley.net>
See message from the Android "native tools and libraries team" lead
(I.E. the maintainer of bionic, adb, toolbox, etc) at
http://lists.landley.net/pipermail/toybox-landley.net/2017-July/009103.html
Signed-off-by: Rob Landley <rob@...dley.net>
---
net/ipv4/af_inet.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index e31108e..5b39a96 100644
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -1712,12 +1712,8 @@ static __net_init int inet_init_net(struct net *net)
net->ipv4.ip_local_ports.range[1] = 60999;
seqlock_init(&net->ipv4.ping_group_range.lock);
- /*
- * Sane defaults - nobody may create ping sockets.
- * Boot scripts should set this to distro-specific group.
- */
- net->ipv4.ping_group_range.range[0] = make_kgid(&init_user_ns, 1);
- net->ipv4.ping_group_range.range[1] = make_kgid(&init_user_ns, 0);
+ net->ipv4.ping_group_range.range[0] = make_kgid(&init_user_ns, 0);
+ net->ipv4.ping_group_range.range[1] = make_kgid(&init_user_ns, 2147483647);
/* Default values for sysctl-controlled parameters.
* We set them here, in case sysctl is not compiled.
Powered by blists - more mailing lists