lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 22 Aug 2007 16:42:54 -0400
From:	Jeff Dike <jdike@...toit.com>
To:	Mike Mohr <akihana@...il.com>
Cc:	Rene Herman <rene.herman@...e.nl>, linux-kernel@...r.kernel.org,
	Guido Guenther <agx@...xcpu.org>, Bodo Eggert <7eggert@....de>
Subject: Re: group ownership of tun devices -- nonfunctional?

> I can create devices that are owned by my user account (tunctl -u
> `whoami` -t tap0) and it works fine.  However, if I use group
> permissions with -g it stops working.  In all cases, if I pass -g
> <group>, the interface is created correctly but it is unusable as a
> non-root user.

I can't reproduce this - it seems to work fine on -rc3-mm1:

As root:
	./tunctl -u user -g user -t tap1
	ifconfig tap1 192.168.0.130 up
	route add -host 192.168.0.131 dev tap1
	chmod 666 /dev/net/tun

As a normal user:
	./tunread # tunread source is below

As root again:
	ping 192.168.0.131

tunread output:
	0xffffffff 0xffffffff 0xffffffff 0xffffffff 0xffffffff 0xffffffff 0x0 0xffffffff 0xffffff9b 0x51 0xffffffb9 0xffffffd9 0x8 0x6 0x0 0x1 0x8 0x0 0x6 0x4 0x0 0x1 0x0 0xffffffff 0xffffff9b 0x51 0xffffffb9 0xffffffd9 0xffffffc0 0xffffffa8 0x0 0xffffff82 
0x0 0x0 0x0 0x0 0x0 0x0 0xffffffc0 0xffffffa8 0x0 0xffffff83 0xffffffff 0xffffffff 0xffffffff 0xffffffff 0xffffffff 0xffffffff 0x0 0xffffffff 0xffffff9b 0x51 0xffffffb9 0xffffffd9 0x8 0x6 0x0 0x1 0x8 0x0 0x6 0x4 0x0 0x1 0x0 0xffffffff 0xffffff9b 0x51 0xffffffb9 0xffffffd9 0xffffffc0 0xffffffa8 0x0 0xffffff82 
0x0 0x0 0x0 0x0 0x0 0x0 0xffffffc0 0xffffffa8 0x0 0xffffff83 0xffffffff 0xffffffff 0xffffffff 0xffffffff 0xffffffff 0xffffffff 0x0 0xffffffff 0xffffff9b 0x51 0xffffffb9 0xffffffd9 0x8 0x6 0x0 0x1 0x8 0x0 0x6 0x4 0x0 0x1 0x0 0xffffffff 0xffffff9b 0x51 0xffffffb9 0xffffffd9 0xffffffc0 0xffffffa8 0x0 0xffffff82 

				Jeff

-- 
Work email - jdike at linux dot intel dot com

#include <stdio.h>
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <sys/ioctl.h>
#define __KERNEL__
#include <linux/socket.h>
#include <linux/if.h>
#include <linux/if_tun.h>

int main(int argc, char **argv)
{
  char packet[1600];
  struct ifreq ifr;
  int fd, err, i, n;

  if((fd = open("/dev/net/tun", O_RDWR)) < 0){
    perror("Opening /dev/net/tun");
    exit(1);
  }

  memset(&ifr, 0, sizeof(ifr));

  /* Flags: IFF_TUN   - TUN device (no Ethernet headers) 
   *        IFF_TAP   - TAP device  
   *
   *        IFF_NO_PI - Do not provide packet information  
   */ 
  ifr.ifr_flags = IFF_TUN; 
  strncpy(ifr.ifr_name, "tap1", IFNAMSIZ);

  if((err = ioctl(fd, TUNSETIFF, (void *) &ifr)) < 0){
    perror("TUNSETIFF");
    exit(1);
  }

  while(1){
    n = read(fd, packet, sizeof(packet));
    if(n < 0){
      perror("read");
      exit(1);
    }
    else if(n == 0)
      break;

    for(i = 0; i < n; i++){
      printf("0x%x ", packet[i]);
      if((i % 32) == 31)
        printf("\n");
    }
  }
}
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ