HomeFreeBSD

cap_net: correct capability name from addr2name to name2addr

Description

cap_net: correct capability name from addr2name to name2addr

Previously, while checking name2addr capabilities, we mistakenly used
the addr2name set. This error could cause a process to inadvertently
reset its limitations.

Reported by: Shawn Webb <shawn.webb@hardenedbsd.org>

(cherry picked from commit afd74c400075d94e01dd3430844bb290834660ef)
(cherry picked from commit 765757c6301fa41c0b59108347c600fbc9020c39)

Approved by: so
Approved by: re (implicit)
Security: FreeBSD-SA-23:16.cap_net
Sponsored by: The FreeBSD Foundation

Details

Provenance
oshogboAuthored on Oct 23 2023, 9:03 PM
emasteCommitted on Nov 8 2023, 12:45 AM
Parents
rG1f9c4610dde5: fflush: correct buffer handling in __sflush
Branches
Unknown
Tags
Unknown