On Tue, 28 Nov 2017, David Miller wrote:
> From: Linus Torvalds <[email protected]>
> Date: Mon, 27 Nov 2017 10:41:30 -0800
>
> > What are the real life use-cases for normal users having modules
> > auto-load?
>
> User opens SCTP socket, SCTP protocol module loads.
>
> People build test cases via namespaces, and in that namespaces normal
> users can setup virtual tunnel devices themselves, and those configure
> operations can bring the tunnel module in.
What about implementing a white list of modules which are able to be
loaded by unprivileged users?
Then, Linus' solution would look something like:
va_start(args, fmt);
ret = vsnprintf(module_name, MODULE_NAME_LEN, fmt, args);
va_end(args);
if (WARN_ON_ONCE(!capable(CAP_SYS_MODULE) ||
!capable(CAP_SYS_ADMIN) ||
!capable(CAP_NET_ADMIN) ||
!unprivileged_autoload(module_name)))
return -EPERM;
--
James Morris
<[email protected]>
From 1585256456081596936@xxx Mon Nov 27 21:32:47 +0000 2017
X-GM-THRID: 1585240558529359461
X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread