Bluetooth: Restrict access to management interface

The management interface on the HCI control channel should be restricted to applications with CAP_NET_ADMIN permission. Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-02-20 20:54:10 +01:00 · 2012-02-20 20:54:10 +01:00 · 801f13bd8e
--- a/net/bluetooth/hci_sock.c
+++ b/net/bluetooth/hci_sock.c
@ -656,6 +656,11 @@ static int hci_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_le
 			goto done;
 		}

+		if (!capable(CAP_NET_ADMIN)) {
+			err = -EPERM;
+			goto done;
+		}
+
 		set_bit(HCI_PI_MGMT_INIT, &hci_pi(sk)->flags);
 		break;