Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

===================================================================
RCS file: /ftp/cvs/cvsroot/src/sys/netinet/raw_ip.c,v
retrieving revision 1.91.2.1
retrieving revision 1.91.2.2
diff -u -p -r1.91.2.1 -r1.91.2.2
--- src/sys/netinet/raw_ip.c	2006/10/22 06:07:28	1.91.2.1
+++ src/sys/netinet/raw_ip.c	2006/12/10 07:19:11	1.91.2.2
@@ -1,4 +1,4 @@
-/*	$NetBSD: raw_ip.c,v 1.91.2.1 2006/10/22 06:07:28 yamt Exp $	*/
+/*	$NetBSD: raw_ip.c,v 1.91.2.2 2006/12/10 07:19:11 yamt Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -61,7 +61,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: raw_ip.c,v 1.91.2.1 2006/10/22 06:07:28 yamt Exp $");
+__KERNEL_RCSID(0, "$NetBSD: raw_ip.c,v 1.91.2.2 2006/12/10 07:19:11 yamt Exp $");
 
 #include "opt_inet.h"
 #include "opt_ipsec.h"
@@ -543,13 +543,14 @@ rip_usrreq(struct socket *so, int req,
 			error = EISCONN;
 			break;
 		}
-		if (l == 0 || (error = kauth_authorize_network(l->l_cred,
-		    KAUTH_NETWORK_SOCKET,
-		    KAUTH_REQ_NETWORK_SOCKET_RAWSOCK, so, NULL,
-		    NULL))) {
+
+		if (l == NULL) {
 			error = EACCES;
 			break;
 		}
+
+		/* XXX: raw socket permissions are checked in socreate() */
+
 		if (so->so_snd.sb_hiwat == 0 || so->so_rcv.sb_hiwat == 0) {
 			error = soreserve(so, rip_sendspace, rip_recvspace);
 			if (error)