Project

General

Profile

Actions

Bug #1429

closed

setsockopt TCP_INIT_CWND requires unnecessary privileges

Added by Theo Schlossnagle almost 10 years ago. Updated almost 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
kernel
Start date:
2011-08-30
Due date:
% Done:

30%

Estimated time:
1.00 h
Difficulty:
Bite-size
Tags:
not-a-bug
Gerrit CR:

Description

setsockopt(fd, IPPROTO_TCP, TCP_INIT_CWND, ....)

requires sys_net_config privileges to set to between 4 and the internal maximum of 16.

This is an IP level option and should only require sys_ip_config.

Due to the requirement of sys_net_config, there is no way to perform this within a zone.

This call is needed to set the initial congestion window on high-performance web servers to larger values (10 as suggested by Google IETF proposal) and should be allowed within a zone.


Files

cwnd.c (505 Bytes) cwnd.c Dan McDonald, 2011-08-31 06:41 PM

Related issues

Related to illumos gate - Bug #1436: tcp(7P) shouldn't pretend you need PRIV_SYS_NET_CONFIG for anything.New2011-08-31

Actions
Actions

Also available in: Atom PDF