On Wed, 2007-07-11 at 01:17 +0200, Michael Buesch wrote: > This adds a capability check to only allow creation > and removal of interfaces by a network admin. > > Signed-off-by: Michael Buesch <mb@xxxxxxxxx> > Cc: Johannes Berg <johannes@xxxxxxxxxxxxxxxx> Acked-by: Johannes Berg <johannes@xxxxxxxxxxxxxxxx> Should stable be getting this too, for people who use out-of-tree mac80211 drivers? > Cc: Andy Green <andy@xxxxxxxxxxx> > > Index: mac80211/net/wireless/sysfs.c > =================================================================== > --- mac80211.orig/net/wireless/sysfs.c 2007-06-01 11:20:32.000000000 +0200 > +++ mac80211/net/wireless/sysfs.c 2007-07-11 01:04:53.000000000 +0200 > @@ -46,9 +46,10 @@ static ssize_t _store_add_iface(struct d > struct cfg80211_registered_device *rdev = dev_to_rdev(dev); > int res; > > + if (!capable(CAP_NET_ADMIN)) > + return -EPERM; > if (len > IFNAMSIZ) > return -EINVAL; > - > if (!rdev->ops->add_virtual_intf) > return -ENOSYS; > > @@ -68,9 +69,10 @@ static ssize_t _store_remove_iface(struc > int res, ifidx; > struct net_device *netdev; > > + if (!capable(CAP_NET_ADMIN)) > + return -EPERM; > if (len > IFNAMSIZ) > return -EINVAL; > - > if (!rdev->ops->del_virtual_intf) > return -ENOSYS; > >
Attachment:
signature.asc
Description: This is a digitally signed message part
