https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=222632
--- Comment #24 from commit-h...@freebsd.org --- A commit references this bug: Author: emaste Date: Mon Apr 30 17:31:07 UTC 2018 New revision: 333120 URL: https://svnweb.freebsd.org/changeset/base/333120 Log: Disable connectat/bindat with AT_FDCWD in capmode Previously it was possible to connect a socket (which had the CAP_CONNECT right) by calling "connectat(AT_FDCWD, ...)" even in capabilties mode. This combination should be treated the same as a call to connect (i.e. forbidden in capabilities mode). Similarly for bindat. Disable connectat/bindat with AT_FDCWD in capabilities mode, fix up the documentation and add tests. PR: 222632 Submitted by: Jan Kokem?ller <jan.kokemuel...@gmail.com> Reviewed by: Domagoj Stolfa MFC after: 1 week Relnotes: Yes Differential Revision: https://reviews.freebsd.org/D15221 Changes: head/share/man/man4/rights.4 head/sys/kern/uipc_syscalls.c head/tests/sys/capsicum/Makefile head/tests/sys/capsicum/bindat_connectat.c -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ freebsd-bugs@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
