multipath-tools: Perform socket client uid check on IPC commands.
authorGris Ge <fge@redhat.com>
Fri, 20 Jan 2017 13:39:02 +0000 (21:39 +0800)
committerChristophe Varoqui <christophe.varoqui@opensvc.com>
Fri, 10 Feb 2017 11:37:05 +0000 (12:37 +0100)
commit9acda0c47b143f2ef6123957d2ccd24ea995dc04
tree70632cb3ce307f27a67884f309b762dec964a3b0
parentd733262e0b6d7932cc3be3fc6957e0bd1bf46116
multipath-tools: Perform socket client uid check on IPC commands.

Problem:
    A non-root user could send and execute 'shutdown' IPC command to
    multipathd.

Fix:
    Use getsockopt() to find out socket client uid, only query (list or
    show) command are allowed for non-root(uid != 0) socket connection.
    An error message "permission deny: need to be root" will be sent
    otherwise.

Signed-off-by: Gris Ge <fge@redhat.com>
multipathd/main.c
multipathd/uxlsnr.c
multipathd/uxlsnr.h