lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 1 May 2016 21:38:57 +0800
From:	Wang Shanker <shankerwangmiao@...il.com>
To:	netdev@...r.kernel.org
Cc:	linux-kernel@...r.kernel.org
Subject: [Question] Should `CAP_NET_ADMIN` be needed when opening `/dev/ppp`?

Hi, all.

                                                                               
I’ve recently met some problems when trying to create a pppoe network link 
inside a unprivileged container. There is a uid namespace which maps root 
inside to a normal user outside. There is also a separate net namespace in the 
container. I create a dev node inside the container and set right 
permission.    

However, `/dev/ppp` cannot get opened since the mapped normal user does not 
have `CAP_NET_ADMIN`. The related code is in `drivers/net/ppp/ppp_generic.c`: 
`int ppp_open()` 

```
static int ppp_open(struct inode *inode, struct file *file)
{
	/*
	 * This could (should?) be enforced by the permissions on /dev/ppp.
	 */
	if (!capable(CAP_NET_ADMIN))
		return -EPERM;
	return 0;
}
```

I wonder why CAP_NET_ADMIN is needed here, rather than leaving it to the
permission of the device node. If there is no need, I suggest that the 
CAP_NET_ADMIN check be removed.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ