Date: Tue, 9 Jul 2002 17:12:30 -0700 (PDT) From: Andrew Valencia <vandys@zendo.com> To: freebsd-gnats-submit@FreeBSD.org Subject: kern/40394: if_tap driver hard coded permission check Message-ID: <200207100012.g6A0CU0p078007@www.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 40394
>Category: kern
>Synopsis: if_tap driver hard coded permission check
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Jul 09 17:20:01 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: Andrew Valencia
>Release: 4.5-RELEASE
>Organization:
Trapeze Networks
>Environment:
FreeBSD andy-pc.trpz.com 4.5-RELEASE FreeBSD 4.5-RELEASE #2: Wed Jun 5 16:52:45 PDT 2002 vandys@andy-pc.trpz.com:/usr/src/sys/compile/VANDYS i386
>Description:
net/if_tap.c has a hard-coded check in tapopen() for suser().
Since this node corresponds to a /dev entry with perfectly a
perfectly good permission system, why not leave off the hard-coded
check so I can do things like create a "netdev" group whose members
are allowed to do I/O to the tap interface.
>How-To-Repeat:
Configure tap interfaces in your kernel. Chmod /dev/tap0 to something
writable by a mere mortal. Try to open it. Permission denied.
>Fix:
Remove the hard-coded check in the front of tapopen().
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207100012.g6A0CU0p078007>