Subject: Re: changes to routing socket semantics
To: David Carrel <>
From: Jason Thorpe <>
List: tech-security
Date: 02/22/1997 12:25:53
On Sat, 22 Feb 1997 07:52:26 -0800 
 David Carrel <> wrote:

 > Can we now remove the call to getuid() in sbin/route/route.c ?  Either
 > that or change it to geteuid().  But since the kernel now enforces
 > modifications to the routing socket, I would prefer completely removing
 > this.

Sure, that sounds fine with me...

 > The only difference to the user between removing the getuid() (and
 > associated checks) and changing it to geteuid() is that the user sees:
 > 	writing to routing socket: Permission denied
 > instead of
 > 	must be root to alter routing table
 > if their permissions are wrong.  I don't think the latter is that much more
 > helpful.  But to even things out, if I remove route(1)'s uid checks, I'll
 > add a blurb to the DIAGNOSTICS section of the man page for "Permission
 > Denied".

Yah, the blurb in the manual page is good... please go ahead and commit
these changes.

Thanks for the follow-up, Dave!

Jason R. Thorpe                             
NASA Ames Research Center                               Home: 408.866.1912
NAS: M/S 258-6                                          Work: 415.604.0935
Moffett Field, CA 94035                                Pager: 415.428.6939