From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Cc: linux-serial@vger.kernel.org, linux-kernel@vger.kernel.org,
Jiri Slaby <jirislaby@kernel.org>
Subject: Re: [PATCH] tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
Date: Thu, 3 Aug 2023 09:48:24 +0200 [thread overview]
Message-ID: <2023080344-happiness-duffel-c6ee@gregkh> (raw)
In-Reply-To: <ZMkCWL4r9Z35j3hC@quatroqueijos.cascardo.eti.br>
On Tue, Aug 01, 2023 at 10:02:16AM -0300, Thadeu Lima de Souza Cascardo wrote:
> On Tue, Aug 01, 2023 at 06:53:30AM +0200, Greg Kroah-Hartman wrote:
> > On Mon, Jul 31, 2023 at 03:59:42PM -0300, Thadeu Lima de Souza Cascardo wrote:
> > > Any unprivileged user can attach N_GSM0710 ldisc, but it requires
> > > CAP_NET_ADMIN to create a GSM network anyway.
> > >
> > > Require initial namespace CAP_NET_ADMIN to do that.
> > >
> > > Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
> >
> > What commit id does this fix? Or has this always been a problem?
> >
> > thanks,
> >
> > greg k-h
>
> This has always been like this. It is not really fixing a specific commit, but
> introducing further restriction on access.
So by restricting access, will this now break existing userspace tools
that do not have this permission? I'm all for tightening up
permissions, but we can't break existing workflows without a good
reason.
thanks,
greg k-h
next prev parent reply other threads:[~2023-08-03 8:00 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-31 18:59 [PATCH] tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Thadeu Lima de Souza Cascardo
2023-08-01 4:53 ` Greg Kroah-Hartman
2023-08-01 13:02 ` Thadeu Lima de Souza Cascardo
2023-08-03 7:48 ` Greg Kroah-Hartman [this message]
2023-08-03 11:38 ` Thadeu Lima de Souza Cascardo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2023080344-happiness-duffel-c6ee@gregkh \
--to=gregkh@linuxfoundation.org \
--cc=cascardo@canonical.com \
--cc=jirislaby@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-serial@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox