On Tue, Oct 04, 2016 at 11:03:05AM -0500, Dan Williams wrote: > All the iSCSI boot entries are read-only anyway; it's unclear why the > CAP_SYS_ADMIN restriction is in place since this information isn't > particularly sensitive and cannot be changed. Userspace applications > may want to read this without requiring CAP_SYS_ADMIN for their > entire process just for iBFT info. > > Signed-off-by: Dan Williams <d...@redhat.com>
Uh, because there are login credentials to the target in there. > --- > drivers/scsi/iscsi_boot_sysfs.c | 3 --- > 1 file changed, 3 deletions(-) > > diff --git a/drivers/scsi/iscsi_boot_sysfs.c b/drivers/scsi/iscsi_boot_sysfs.c > index d453667..4e9c324 100644 > --- a/drivers/scsi/iscsi_boot_sysfs.c > +++ b/drivers/scsi/iscsi_boot_sysfs.c > @@ -47,9 +47,6 @@ static ssize_t iscsi_boot_show_attribute(struct kobject > *kobj, > ssize_t ret = -EIO; > char *str = buf; > > - if (!capable(CAP_SYS_ADMIN)) > - return -EACCES; > - > if (boot_kobj->show) > ret = boot_kobj->show(boot_kobj->data, boot_attr->type, str); > return ret; > -- > 2.7.4 -- Peter -- You received this message because you are subscribed to the Google Groups "open-iscsi" group. To unsubscribe from this group and stop receiving emails from it, send an email to open-iscsi+unsubscr...@googlegroups.com. To post to this group, send email to open-iscsi@googlegroups.com. Visit this group at https://groups.google.com/group/open-iscsi. For more options, visit https://groups.google.com/d/optout.