Date: Wed, 08 May 2019 17:23:22 +0000
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 200185] [PATCH] Deprecate net.link.tap.user_open sysctl: opening by user is based on node permissions, no need for this variable
Message-ID: <bug-200185-7501-0P631hZl6h@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-200185-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-200185-7501@https.bugs.freebsd.org/bugzilla/>
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200185

Kyle Evans <kevans@freebsd.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |rwatson@FreeBSD.org

--- Comment #2 from Kyle Evans <kevans@freebsd.org> ---
CC'ing rwatson@- PRIV_NET_TAP is allocated and also used for allowing opening of tap devices, because this is historically a superuser-only privilege. It was added after the user_open sysctl and we currently honor PRIV_NET_TAP xor user_open; it seems like PRIV_NET_TAP should've pushed user_open towards deprecation in favor of MAC policy to more cleanly do the same thing.

I'm not sure now what the correct behavior is- your point about groups is good, but do we want to (also, can we?) do away with PRIV_NET_TAP in favor of relying on group membership?

> Also, I doubt that PRIV_NET_IFCREATE even works properly, because I wasn't able to clone /dev/tapN even when my user is in wheel and network groups, and /dev is owned by root:wheel and has 0777 mask. I still got 'Permission denied'.

Basically all PRIV_* are only granted to root by default without a policy to grant them otherwise, so this is correct behavior.

--
You are receiving this mail because:
You are on the CC list for the bug.