Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()

From: Sagi Grimberg
Date: Thu Jul 25 2019 - 15:45:22 EST

Next message: Heiko Stuebner: "Re: [PATCH] clk: rockchip: Fix -Wunused-const-variable"
Previous message: Gilberto Nunes: "Re: AMD Drivers"
In reply to: Greg Kroah-Hartman: "Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()"
Next in thread: Sagi Grimberg: "Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

So, as was kind of alluded to in another part of the thread, what are
you doing about permissions? It seems that any user/group permissions
are out the window when you have the kernel itself do the opening of the
char device, right? Why is that ok? You can pass it _any_ character
device node and away it goes? What if you give it a "wrong" one? Char
devices are very different from block devices this way.

We could condition any configfs operation on capable(CAP_NET_ADMIN) to
close that hole for now..

Why that specific permission?

Meant CAP_SYS_ADMIN

And what about the "pass any random char device name" issue? What
happens if you pass /dev/random/ as the string?

What is the difference if the application is opening the device if
it has the wrong path?

Next message: Heiko Stuebner: "Re: [PATCH] clk: rockchip: Fix -Wunused-const-variable"
Previous message: Gilberto Nunes: "Re: AMD Drivers"
In reply to: Greg Kroah-Hartman: "Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()"
Next in thread: Sagi Grimberg: "Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]