On Wed, May 24, 2023 at 8:23 PM Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx> wrote:
>
> On Wed, May 24, 2023 at 3:55 PM Andrii Nakryiko <andrii@xxxxxxxxxx> wrote:
> >
> > Getting ID of map/prog/btf/link doesn't give any access to underlying
> > BPF objects, so there is no point in requiring CAP_SYS_ADMIN for these
> > commands.
>
> I don't think it's a good idea to allow unpriv to figure out
> all prog/map/btf/link IDs.
> Since unpriv is typically disabled it's not a security issue,
> but rather a concern over abuse of IDR logic and potential
> for exploits in *get_next_id() code.
> At least CAP_BPF is needed.

Ok, sounds good. I was just trying to minimize the number of commands
that would need token_fd. BPF_MAP_FREEZE is the one I care about the
most, if that one looks good, should we land that single patch?