Sebastien Roy writes: > This case does propose to relax the requirement for WiFi ioctls from > sys_net_config to the new sys_dl_config privilege in order to be > in-line with other GLDv3 datalink administration ioctls. The > net_rawaccess privilege will still be required for WiFi operations, > however, since libdladm.so still has to open /dev/net DLPI nodes in > order to issue WiFi ioctls.
This all looks good. One note: the excess privilege needed to open DLPI nodes affects other things as well. There are applications that would like to read out the interface MAC addresses but currently cannot do so because it requires privilege. It's not part of this project, but we probably have to address that one-privilege-for-all- access scheme for DLPI at some point in the future. -- James Carlson, Solaris Networking <james.d.carlson at sun.com> Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
