Project

General

Profile

Bug #1429

setsockopt TCP_INIT_CWND requires unnecessary privileges

Added by Theo Schlossnagle almost 8 years ago. Updated almost 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
kernel
Start date:
2011-08-30
Due date:
% Done:

30%

Estimated time:
1.00 h
Difficulty:
Bite-size
Tags:
not-a-bug

Description

setsockopt(fd, IPPROTO_TCP, TCP_INIT_CWND, ....)

requires sys_net_config privileges to set to between 4 and the internal maximum of 16.

This is an IP level option and should only require sys_ip_config.

Due to the requirement of sys_net_config, there is no way to perform this within a zone.

This call is needed to set the initial congestion window on high-performance web servers to larger values (10 as suggested by Google IETF proposal) and should be allowed within a zone.


Files

cwnd.c (505 Bytes) cwnd.c Dan McDonald, 2011-08-31 06:41 PM

Related issues

Related to illumos gate - Bug #1436: tcp(7P) shouldn't pretend you need PRIV_SYS_NET_CONFIG for anything.New2011-08-31

Actions

History

#1

Updated by Dan McDonald almost 8 years ago

  • File cwnd.c cwnd.c added
  • Assignee set to Dan McDonald
  • % Done changed from 0 to 30

I cannot reproduce this bug on an OpenIndiana installation.

I ran a trivial TCP_INIT_CWND program (attached) in a zone off of an OI installation, and it worked fine (at least for user == root).

I won't close this bug yet, but the submitter should provide a reproducible test case.

#2

Updated by Dan McDonald almost 8 years ago

  • Status changed from New to Closed
  • Tags changed from needs-triage to not-a-bug

Confirmed with the submitter, this is not a bug.

Also available in: Atom PDF