On Thu, May 25, 2023 at 10:11 AM Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx> wrote: > > On Thu, May 25, 2023 at 10:05 AM Andrii Nakryiko > <andrii.nakryiko@xxxxxxxxx> wrote: > > > > On Wed, May 24, 2023 at 8:23 PM Alexei Starovoitov > > <alexei.starovoitov@xxxxxxxxx> wrote: > > > > > > On Wed, May 24, 2023 at 3:55 PM Andrii Nakryiko <andrii@xxxxxxxxxx> wrote: > > > > > > > > Getting ID of map/prog/btf/link doesn't give any access to underlying > > > > BPF objects, so there is no point in requiring CAP_SYS_ADMIN for these > > > > commands. > > > > > > I don't think it's a good idea to allow unpriv to figure out > > > all prog/map/btf/link IDs. > > > Since unpriv is typically disabled it's not a security issue, > > > but rather a concern over abuse of IDR logic and potential > > > for exploits in *get_next_id() code. > > > At least CAP_BPF is needed. > > > > Ok, sounds good. I was just trying to minimize the number of commands > > that would need token_fd. > > > > BPF_MAP_FREEZE is the one I care about the most, if that one looks > > good, should we land that single patch? > > Sure. Applied. Great, thank you!
