On Tue, Aug 22, 2006 at 04:47:40PM +0200, Jiri Benc wrote: > On Wed, 16 Aug 2006 15:49:45 +0200, Johannes Berg wrote: > > The sysfs attributes add_iface and remove_iface both check for > > CAP_NET_ADMIN whenever something is written. Hence, permissions for the > > files should be relaxed so that someone who is not root but happens to > > have CAP_NET_ADMIN can do things. > > I'm not sure about this. Greg, what's the policy here?
I don't know, it's not a normal sysfs thing to rely on capability checks, almost everything that I know of uses the permission bits on the files. But I don't have a problem with making the permissions on the file open, yet restricting things to CAP_NET_ADMIN, if that preserves the proper functionality. thanks, greg k-h - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html