On 5/7/2018 9:19 PM, Johannes Berg wrote:
On Sun, 2018-04-29 at 20:30 +0200, Andrew Zaborowski wrote:
On 28 April 2018 at 15:07, Kalle Valo <kvalo@xxxxxxxxxxxxxx> wrote:
Andrew Zaborowski <andrew.zaborowski@xxxxxxxxx> writes:
Reject NL80211_CMD_DISCONNECT, NL80211_CMD_DISASSOCIATE,
NL80211_CMD_DEAUTHENTICATE and NL80211_CMD_ASSOCIATE commands
from clients other than the connection owner set in the connect,
authenticate or associate commands, if it was set.
The main point of this check is to prevent chaos when two processes
try to use nl80211 at the same time, it's not a security measure.
The same thing should possibly be done for JOIN_IBSS/LEAVE_IBSS and
START_AP/STOP_AP.
s-o-b missing.
True, thanks. Also I was going to send this as an RFC.
Looks fine to me, please resend if you want it in :)
Do we really want this? Is the referred chaos hypothetical or an actual
issue. Nothing stops me from doing an 'ifconfig down' so why should 'iw
disconnect' be any different. As far I can tell it does not affect my
testing environment, but particularly in such use-cases I can expect
issues adopting this change, which is also hypothetical of course ;-)
Regards,
Arend