On Thu, May 25, 2023 at 10:05 AM Andrii Nakryiko <andrii.nakryiko@xxxxxxxxx> wrote: > > On Wed, May 24, 2023 at 8:23 PM Alexei Starovoitov > <alexei.starovoitov@xxxxxxxxx> wrote: > > > > On Wed, May 24, 2023 at 3:55 PM Andrii Nakryiko <andrii@xxxxxxxxxx> wrote: > > > > > > Getting ID of map/prog/btf/link doesn't give any access to underlying > > > BPF objects, so there is no point in requiring CAP_SYS_ADMIN for these > > > commands. > > > > I don't think it's a good idea to allow unpriv to figure out > > all prog/map/btf/link IDs. > > Since unpriv is typically disabled it's not a security issue, > > but rather a concern over abuse of IDR logic and potential > > for exploits in *get_next_id() code. > > At least CAP_BPF is needed. > > Ok, sounds good. I was just trying to minimize the number of commands > that would need token_fd. > > BPF_MAP_FREEZE is the one I care about the most, if that one looks > good, should we land that single patch? Sure. Applied.
