On Monday 2010-08-23 15:42, Luciano Coelho wrote:
>> > /* Defaults, these can be overridden on the module command-line. */
>> > static unsigned int condition_list_perms = S_IRUGO | S_IWUSR;
>> > static unsigned int condition_uid_perms = 0;
>> > static unsigned int condition_gid_perms = 0;
>> > +static unsigned int condition_capabilities = CAP_NET_ADMIN;
>> >
>> It is strange that we set security policy in this way. Maybe the
>> permission of the proc file is enough in this case.
>
>Yes, that is another way to do it. But in our device we use security
>capabilities more extensively than normal file permissions. That's why
>we need this.
>
>If this is too restrictive (ie. having CAP_NET_ADMIN) for most users, we
>could change the default value to no capabilities needed. Then we can
>set CAP_NET_ADMIN when loading the module.

But it looks as strange as the Yama code attempt. This is the one
time where I would personally be looking into SELinux, or perhaps
SMACK if the former is too complex, to whether _t'ing off procfs
is possible.
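Review bot: the added `condition_capabilities` line gives no way to express "no capability required", which is the alternative default proposed in the discussion. The variable is an `unsigned int` initialised with the single capability number `CAP_NET_ADMIN`, not a mask, and 0 is itself a valid capability number (CAP_CHOWN), so a default of 0 would demand CAP_CHOWN rather than disable the check. Suggest renaming it to the singular, defining and documenting an explicit "disabled" value, and, since the comment above says these defaults can be overridden on the module command line, rejecting out-of-range values at load time (for example with `cap_valid()`) instead of passing an arbitrary integer on to the capability check.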