lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 3 Aug 2023 09:48:24 +0200
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Thadeu Lima de Souza Cascardo <cascardo@...onical.com>
Cc:     linux-serial@...r.kernel.org, linux-kernel@...r.kernel.org,
        Jiri Slaby <jirislaby@...nel.org>
Subject: Re: [PATCH] tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710
 ldisc

On Tue, Aug 01, 2023 at 10:02:16AM -0300, Thadeu Lima de Souza Cascardo wrote:
> On Tue, Aug 01, 2023 at 06:53:30AM +0200, Greg Kroah-Hartman wrote:
> > On Mon, Jul 31, 2023 at 03:59:42PM -0300, Thadeu Lima de Souza Cascardo wrote:
> > > Any unprivileged user can attach N_GSM0710 ldisc, but it requires
> > > CAP_NET_ADMIN to create a GSM network anyway.
> > > 
> > > Require initial namespace CAP_NET_ADMIN to do that.
> > > 
> > > Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@...onical.com>
> > 
> > What commit id does this fix?  Or has this always been a problem?
> > 
> > thanks,
> > 
> > greg k-h
> 
> This has always been like this. It is not really fixing a specific commit, but
> introducing further restriction on access.

So by restricting access, will this now break existing userspace tools
that do not have this permission?  I'm all for tightening up
permissions, but we can't break existing workflows without a good
reason.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ