Netlink and raw packet inconsistencies or obsolete man pages?

From: Németh Tamás
Date: Wed Mar 28 2012 - 05:17:50 EST


man 7 netlink states that:

"Only processes with an effective UID of 0 or the CAP_NET_ADMIN capability may
send or listen to a netlink multicast group."

In addition man 7 capabilities states that:

"CAP_NET_RAW
Use RAW and PACKET sockets."

Despite these statements, I was able to run the following code without getting
any access denied type error messages:

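################################
#include <sys/types.h>
#include <sys/socket.h>
#include <linux/netlink.h>
#include <unistd.h>

int filedes;
/* Initializer order: nl_family, nl_pad, nl_pid, nl_groups */
struct sockaddr_nl nladdr={AF_NETLINK,0,0,0};

int main(int argc, char *argv[], char *envp[])
{
    /* Use our own PID as the netlink port id. */
    nladdr.nl_pid=getpid();
    /* Open a netlink socket for kernel uevents. */
    filedes=socket(AF_NETLINK, SOCK_RAW, NETLINK_KOBJECT_UEVENT);
    /* Bind it; return values are not checked here. */
    bind(filedes,(struct sockaddr*)&nladdr,sizeof(nladdr));
    close(filedes);
    return 0;
}
################################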

Sorry for not testing if I can actually send or receive raw multicast netlink
packages; this is because I'm not actually a programmer. The code above could
be run without any problem on openSUSE 12.1's standard kernel and on a vanilla
2.6.32.49. Is it a bug or is it intentional (and then man pages are outdated)?
In the latter case, what protects the udev subsystem, for example?

Regards,

Tamas Nemeth
IT sysadmin
University of West Hungary
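
Added example (not part of the original message): the posted program leaves nl_groups at 0 and does not check return values, so this variant binds with and without a multicast group, also tries an AF_PACKET raw socket, and prints the result of each call. The helper names probe_netlink, probe_packet and report are chosen here for illustration.

```c
/* Added example, not from the original post; probe_* and report are names chosen here. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <linux/if_ether.h>
#include <linux/netlink.h>

/* Bind a netlink socket with the given group bitmask; returns 0 or the failing call's errno. */
int probe_netlink(int protocol, unsigned int groups)
{
    struct sockaddr_nl addr;
    int err = 0, fd = socket(AF_NETLINK, SOCK_RAW, protocol);

    if (fd < 0)
        return errno;
    memset(&addr, 0, sizeof(addr));
    addr.nl_family = AF_NETLINK;   /* nl_pid stays 0: kernel assigns the port id */
    addr.nl_groups = groups;       /* 0 = no group, bit 0 set = group 1 */
    if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
        err = errno;               /* saved before close() can overwrite errno */
    close(fd);
    return err;
}

/* Try to open an AF_PACKET raw socket; returns 0 or errno. */
int probe_packet(void)
{
    int fd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
    if (fd < 0)
        return errno;
    close(fd);
    return 0;
}

static void report(const char *what, int err)
{
    printf("%-42s %s\n", what, err ? strerror(err) : "allowed");
}

int main(void)
{
    printf("effective uid: %d\n", (int)geteuid());
    report("netlink uevent, nl_groups=0 (as in the post)", probe_netlink(NETLINK_KOBJECT_UEVENT, 0));
    report("netlink uevent, nl_groups=1", probe_netlink(NETLINK_KOBJECT_UEVENT, 1));
    report("AF_PACKET, SOCK_RAW", probe_packet());
    return 0;
}
```

Running it once as an unprivileged user and once as root shows which of the three operations the running kernel actually restricts.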