Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()

From: Sagi Grimberg
Date: Thu Jul 25 2019 - 15:45:22 EST

So, as was kind of alluded to in another part of the thread, what are
you doing about permissions? It seems that any user/group permissions
are out the window when you have the kernel itself do the opening of the
char device, right? Why is that ok? You can pass it _any_ character
device node and away it goes? What if you give it a "wrong" one? Char
devices are very different from block devices this way.

We could condition any configfs operation on capable(CAP_NET_ADMIN) to
close that hole for now..

Why that specific permission?


And what about the "pass any random char device name" issue? What
happens if you pass /dev/random/ as the string?

What is the difference if the application is opening the device if
it has the wrong path?