On Thu, 31 Aug 2000, Tigran Aivazian wrote:
> Actually, microcode driver checks CAP_SYS_RAWIO only on open() so it would
> allow access to the receiver of fd even he has no CAP_SYS_RAWIO
> privilege. Hmmm, maybe I should put it back into write() method, as Linus
> (or someone else) did at some point (and I removed it)...
Please don't put it back into write(). One of the powerful uses of passing
fds is across privilege boundaries. We don't want that to suddenly stop
working.
Look at it this way: if anyone passes a privileged fd, they either know
what they are doing, or get what they deserve.
Cheers
Chris
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Aug 31 2000 - 21:00:27 EST