| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150611140935.6533fb7c@urahara> Date: Thu, 11 Jun 2015 14:09:35 -0700 From: Stephen Hemminger <stephen@...workplumber.org> To: Mahesh Bandewar <maheshb@...gle.com> Cc: Jay Vosburgh <j.vosburgh@...il.com>, Andy Gospodarek <andy@...yhouse.net>, Veaceslav Falico <vfalico@...il.com>, Nikolay Aleksandrov <nikolay@...hat.com>, David Miller <davem@...emloft.net>, netdev <netdev@...r.kernel.org>, Eric Dumazet <edumazet@...gle.com>, Maciej Zenczykowski <maze@...gle.com> Subject: Re: [PATCH next v0] bonding: Display LACP info only to CAP_SYS_ADMIN capable user On Wed, 10 Jun 2015 17:19:56 -0700 Mahesh Bandewar <maheshb@...gle.com> wrote: > Actor and Partner details can be accessed via proc-fs and sys-fs > entries. These interfaces are world readable at this moment. The > earlier patch-series made the LACP communication secure to avoid > nuisance attack from within the same L2 domain but it did not > prevent "someone unprivileged" looking at that information on host > and perform the same act. > > This patch essentially avoids spitting those entries if the user > in question does not have enough privileges. > > Signed-off-by: Mahesh Bandewar <maheshb@...gle.com> I would think you want CAP_NET_ADMIN for this? -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists