Why does CRYPTO_USER require CAP_NET_ADMIN?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



If I'm not mistaken, CRYPTO_USER requires CAP_NET_ADMIN for all
requests. Is there any reason for this requirement for read-only requests?

I think read-only requests should not require CAP_NET_ADMIN. An example
where this is important is important is AF_ALG. I'm working on AF_ALG
support for GnuTLS, encryption and decryption via AF_ALG does not
require special capabilities. However, retrieving the cipher priority to
determine whether the cipher is hardware accelerated does require
CAP_NET_ADMIN.

Regards,
Matthias-Christian
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux