On Tue, Nov 05, 2024 at 06:53:32AM +0900, Krzysztof Wilczyński wrote:
> Would you have anything against if we put this new bus reset sysfs object
> access behind the following test?
>
>   if (!capable(CAP_SYS_ADMIN))
>           return -EPERM;
>
> This is irregardless of what the permissions on the sysfs objects from the
> DAC point of view are set to.
>
> Checking CAP_SYS_ADMIN capability, to improve our default security stance,
> on a number of important sysfs objects (e.g., reset, remove, etc.) we have
> was something I discussed in the past with Bjorn, but never got around to
> sending a patch to add this check.
>
> Thoughts?

Sure, I'm okay with that. We are using the DEVICE_ATTR_WO file attribute,
which should make it writable only by an admin, but I'm totally fine with
adding this explicit check here too.