As a temporary hack, we had opened up access to the privileged RPC
handler to all users. This fix locks it down again: on Linux, only
the superuser can access it, while on other platforms, it is denied
completely (until we add seq packet support to the common code).

Signed-off-by: Dmitry Torokhov <dtor@vmware.com>

goto out;
}
- if (!VSockAddr_SocketContextDgram(remoteAddr->svm_cid,
- remoteAddr->svm_port)) {
- err = -EINVAL;
+ /*
+ * No need to call SocketContextDgram() here, we already do specific checks
+ * on the context and port above. All we have to do here is ensure that
+ * only the superuser gets access to the privileged RPC handler.
+ */
+
+ if (VMCI_RPC_PRIVILEGED == remoteAddr->svm_port &&
+ !capable(CAP_SYS_ADMIN)) {
+ err = -EACCES;
goto out;
}
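Review bot: The new test on `remoteAddr->svm_port` uses `capable(CAP_SYS_ADMIN)`, which checks the task making this call rather than the credentials the socket was created with. A socket opened by an unprivileged user and later used by a privileged process passes, and one opened by root and inherited by an unprivileged process is refused. The XXX comment removed later in this patch described the requirement as sockets "owned by admin/root"; if ownership is what is meant, record the capability when the socket is created and test that here, otherwise state in the new comment that the caller is what is checked. The comment also relies on checks "above" that are not visible in this hunk to replace VSockAddr_SocketContextDgram(), so please confirm they reject every context/port pair that call rejected with -EINVAL.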
if (cid == VMCI_HYPERVISOR_CONTEXT_ID) {
/*
* Registrations of PBRPC Servers do not modify VMX/Hypervisor state and
- * are allowed. We also allow messages on the two RPC channels.
- *
- * XXX, we should disallow messages to the privileged channel for
- * sockets that are not owned by admin/root. See PR 794652.
+ * are allowed.
*/
- if (rid == VMCI_UNITY_PBRPC_REGISTER ||
- rid == VMCI_RPC_PRIVILEGED ||
- rid == VMCI_RPC_UNPRIVILEGED) {
+ if (rid == VMCI_UNITY_PBRPC_REGISTER) {
return TRUE;
} else {
return FALSE;
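Review bot: The rewritten condition `if (rid == VMCI_UNITY_PBRPC_REGISTER)` drops `VMCI_RPC_UNPRIVILEGED` together with `VMCI_RPC_PRIVILEGED`, but the commit message only talks about locking down the privileged handler. Any caller that still goes through this function is now refused on the unprivileged channel as well. If that is intended, say so in the commit message and in the comment above the condition; otherwise keep the `rid == VMCI_RPC_UNPRIVILEGED` test. The removed XXX pointed at PR 794652, so referencing it in the commit message would keep the trail for whoever reads this later.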