From: Mikhail Teterin
Reply-To: mi@aldan.algebra.com
To: brian@Awfulhak.org (Brian Somers)
Cc: mi@aldan.algebra.com, brian@FreeBSD.org, freebsd-bugs@FreeBSD.org
Subject: Re: kern/11981: access to tunN devices not allowed to non-root despite permissions
Date: Tue, 1 Jun 1999 18:06:09 -0400 (EDT)
Message-Id: <199906012206.SAA47055@misha.cisco.com>
In-Reply-To: <199906012041.VAA09064@keep.lan.Awfulhak.org> from Brian Somers at "Jun 1, 1999 09:41:28 pm"

Brian Somers once wrote:

> > The fact that it's pointless (as far as you or me can see today),
> > does not mean it should not be possible. Currently, according to
> > your mail, the driver performs the useless check. IMHO, it should
> > not.
> [.....]
> I'd argue that removing the suser() check would potentially open
> security holes. It's not worth the risk.

Well, by this logic, the check must also be put into a number of other
places. Disk devices come to mind...

I do not mean to insist "out of principle", but it does seem like the
additional check in the driver is redundant, and thus wrong... It already
led me to confusion today when I was trying to ``ktrace ppp ...'':
kdump was showing ENOPERM on _opening_ the tun devices...

When and if the time comes for the non-root's ability to ifconfig some
of the interfaces, the check will have to go anyway.

Yours,

	-mi