196041 – Permissions for /dev/net/tun are too restrictive.

Bug 196041 - Permissions for /dev/net/tun are too restrictive.

Summary: Permissions for /dev/net/tun are too restrictive.

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	udev
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Harald Hoyer
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	FC7Target
TreeView+	depends on / blocked

Reported:	2006-06-20 15:58 UTC by David Woodhouse
Modified:	2007-11-30 22:11 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2007-06-26 12:54:31 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description David Woodhouse 2006-06-20 15:58:13 UTC

There's no reason not to allow unprivileged users to open /dev/net/tun -- you
need CAP_NET_ADMIN to do anything interesting with it anyway, unless a
persistent device has been created and specifically given to the user in
question... in which case it's extremely _useful_ for them to be able to use it.

Please change the default mode to 0666.

Comment 1 David Woodhouse 2006-06-20 16:03:08 UTC

Oops, I lie -- we do allow users to create new devices. I'll need to fix that in
the kernel first.

Comment 2 David Woodhouse 2006-06-29 07:59:28 UTC

Fixed in kernel 2.6.17-1.2309_FC6

Comment 3 Harald Hoyer 2006-09-29 14:16:32 UTC

so, 0666 ??

Comment 4 David Woodhouse 2006-09-29 14:42:34 UTC

Please. And for FC6 too.

Comment 5 David Woodhouse 2007-05-02 07:25:41 UTC

Pretty please?

Comment 6 Harald Hoyer 2007-05-02 11:41:38 UTC

fixed in udev-106-4.fc7 ... FC6 will follow

Note You need to log in before you can comment on or make changes to this bug.