[Bug 200185] [PATCH] Deprecation of sysctl variable net.link.tap.user_open: opening by user is based on node permissions, no need for this variable
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu May 14 02:58:14 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200185
Bug ID: 200185
Summary: [PATCH] Deprecation of sysctl variable
net.link.tap.user_open: opening by user is based on
node permissions, no need for this variable
Product: Base System
Version: 11.0-CURRENT
Hardware: Any
OS: Any
Status: New
Keywords: patch
Severity: Affects Only Me
Priority: ---
Component: kern
Assignee: freebsd-bugs at FreeBSD.org
Reporter: yuri at rawbw.com
Keywords: patch
Created attachment 156767
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=156767&action=edit
patch
net.link.tap.user_open does two thing:
* prevents non-root users to open /dev/tapN
* prevents non-root users to clone /dev/tapN
The first function is performed by the node permissions, as set by the admin.
There is no need for this additional way to limit users to open devices.
The second function refers to the legacy cloning process. When some process
attempts to open the non-existent device, devfs tries to call 'clone' functions
of all available modules to see if they can auto-create such device. 'tapclone'
is the relevant function in 'tap' module.
There is another sysctl variable net.link.tap.devfs_cloning, that currently
allows/disallows cloning for everybody, and then net.link.tap.user_open checks
for PRIV_NET_IFCREATE when set.
The new behavior is that net.link.tap.devfs_cloning also checks credentials
based on PRIV_NET_IFCREATE, like this is currently for tunN.
Practically speaking, net.link.tap.user_open is always in the way of every user
process which needs to use /dev/tapN, while such limitation is not necessary at
all. Ex. user being in the 'network' group should be entirely sufficient. Admin
should set these permissions.
Also, I doubt that PRIV_NET_IFCREATE even works properly, because I wasn't able
to clone /dev/tapN even when my user is in wheel and network groups, and /dev
is owned by root:wheel and has 0777 mask. I still got 'Permission denied'.
I suggest to apply this patch to 11 (trunk) only, because it incurs an
interface change.
Also the following note should be added to the Change Log for 11.0:
* net.link.tap.user_open sysctl variable is deprecated. Opening of /dev/tapN is
now based on the node permissions and user credentials only. The meaning of
net.link.tap.devfs_cloning has changed: when set to non-zero it allows
/dev/tapN cloning to users with PRIV_NET_IFCREATE privilege.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list