|
|
@@ -719,22 +719,9 @@ static int dn_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
|
|
|
if (saddr->sdn_flags & ~SDF_WILD)
|
|
|
return -EINVAL;
|
|
|
|
|
|
-#if 1
|
|
|
if (!capable(CAP_NET_BIND_SERVICE) && (saddr->sdn_objnum ||
|
|
|
(saddr->sdn_flags & SDF_WILD)))
|
|
|
return -EACCES;
|
|
|
-#else
|
|
|
- /*
|
|
|
- * Maybe put the default actions in the default security ops for
|
|
|
- * dn_prot_sock ? Would be nice if the capable call would go there
|
|
|
- * too.
|
|
|
- */
|
|
|
- if (security_dn_prot_sock(saddr) &&
|
|
|
- !capable(CAP_NET_BIND_SERVICE) ||
|
|
|
- saddr->sdn_objnum || (saddr->sdn_flags & SDF_WILD))
|
|
|
- return -EACCES;
|
|
|
-#endif
|
|
|
-
|
|
|
|
|
|
if (!(saddr->sdn_flags & SDF_WILD)) {
|
|
|
if (dn_ntohs(saddr->sdn_nodeaddrl)) {
|
Patrick Caulfield