So, as was kind of alluded to in another part of the thread, what are
you doing about permissions? It seems that any user/group permissions
are out the window when you have the kernel itself do the opening of the
char device, right? Why is that ok? You can pass it _any_ character
device node and away it goes? What if you give it a "wrong" one? Char
devices are very different from block devices this way.
We could condition any configfs operation on capable(CAP_NET_ADMIN) to
close that hole for now..
s/NET/SYS/...