On Sat, Jul 14, 2018 at 1:25 AM, Dmitry Torokhov <d...@chromium.org> wrote: > On Sat, Jul 14, 2018 at 8:58 AM Todd Poynor <toddpoy...@gmail.com> wrote: >> >> From: Todd Poynor <toddpoy...@google.com> >> >> Always allow root to open device for writing. >> >> Drop special-casing of ioctl permissions for root vs. owner. >> >> Reported-by: Dmitry Torokhov <d...@chromium.org> >> Signed-off-by: Zhongze Hu <fran...@chromium.org> >> Signed-off-by: Todd Poynor <toddpoy...@google.com> > > I think this patch is good as is, but as a followup you should create > a patch that supports user namespaces, i.e. replaces > capable(CAP_SYS_ADMIN) with ns_capable(...) in gasket_open() so you > can allow containers to control the device, if necessary.
Thanks, I'll add that to the list. > > Reviewed-by: Dmitry Torokhov <d...@chromium.org> > > Thanks, > Dmitry -- Todd _______________________________________________ devel mailing list de...@linuxdriverproject.org http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel