setsockopt TCP_INIT_CWND requires unnecessary privileges
setsockopt(fd, IPPROTO_TCP, TCP_INIT_CWND, ....)
requires sys_net_config privileges to set to between 4 and the internal maximum of 16.
This is an IP level option and should only require sys_ip_config.
Due to the requirement of sys_net_config, there is no way to perform this within a zone.
This call is needed to set the initial congestion window on high-performance web servers to larger values (10 as suggested by Google IETF proposal) and should be allowed within a zone.
Updated by Dan McDonald about 10 years ago
I cannot reproduce this bug on an OpenIndiana installation.
I ran a trivial TCP_INIT_CWND program (attached) in a zone off of an OI installation, and it worked fine (at least for user == root).
I won't close this bug yet, but the submitter should provide a reproducible test case.