Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ca6bb5d7 authored Jun 22, 2006 by David Woodhouse Committed by David S. Miller Jun 23, 2006

[NET]: Require CAP_NET_ADMIN to create tuntap devices.

The tuntap driver allows an admin to create persistent devices and
assign ownership of them to individual users. Unfortunately, relaxing
the permissions on the /dev/net/tun device node so that they can
actually use those devices will _also_ allow those users to create
arbitrary new devices of their own. This patch corrects that, and
adjusts the recommended permissions for the device node accordingly.

Signed-off-By: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent f4b8ea78

Documentation/networking/tuntap.txt

+7 −4

Original line number	Diff line number	Diff line
		@@ -39,10 +39,13 @@ Copyright (C) 1999-2000 Maxim Krasnyansky <max_mk@yahoo.com>
		mknod /dev/net/tun c 10 200

		Set permissions:
		e.g. chmod 0700 /dev/net/tun
		if you want the device only accessible by root. Giving regular users the
		right to assign network devices is NOT a good idea. Users could assign
		bogus network interfaces to trick firewalls or administrators.
		e.g. chmod 0666 /dev/net/tun
		There's no harm in allowing the device to be accessible by non-root users,
		since CAP_NET_ADMIN is required for creating network devices or for
		connecting to network devices which aren't owned by the user in question.
		If you want to create persistent devices and give ownership of them to
		unprivileged users, then you need the /dev/net/tun device to be usable by
		those users.

		Driver module autoloading

drivers/net/tun.c

+3 −0

Original line number	Diff line number	Diff line
		@@ -490,6 +490,9 @@ static int tun_set_iff(struct file file, struct ifreq ifr)

		err = -EINVAL;

		if (!capable(CAP_NET_ADMIN))
		return -EPERM;

		/* Set dev type */
		if (ifr->ifr_flags & IFF_TUN) {
		/* TUN device */