Commit 1195fbb8 authored by Marcel Holtmann's avatar Marcel Holtmann Committed by Johan Hedberg

Bluetooth: Open management interface for untrusted users

Until now the management interface was restricted to CAP_NET_ADMIN. With
this change every user can open the management socket. However the list
of commands is heavily restricted to getting basic information about the
attached controllers. No access for configuration or other operation is
provided. The events are also limited. This is done so that no keys can
leak or untrusted users can mess with the Bluetooth configuration.
Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
parent c927a104
...@@ -795,16 +795,13 @@ static int hci_sock_bind(struct socket *sock, struct sockaddr *addr, ...@@ -795,16 +795,13 @@ static int hci_sock_bind(struct socket *sock, struct sockaddr *addr,
goto done; goto done;
} }
if (!capable(CAP_NET_ADMIN)) { /* Users with CAP_NET_ADMIN capabilities are allowed
err = -EPERM; * access to all management commands and events. For
goto done; * untrusted users the interface is restricted and
} * also only untrusted events are sent.
/* Since the access to control channels is currently
* restricted to CAP_NET_ADMIN capabilities, every
* socket is implicitly trusted.
*/ */
hci_sock_set_flag(sk, HCI_SOCK_TRUSTED); if (capable(CAP_NET_ADMIN))
hci_sock_set_flag(sk, HCI_SOCK_TRUSTED);
/* At the moment the index and unconfigured index events /* At the moment the index and unconfigured index events
* are enabled unconditionally. Setting them on each * are enabled unconditionally. Setting them on each
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment