James Carlson wrote:
> Sebastien Roy writes:
>
>> This case does propose to relax the requirement for WiFi ioctls from
>> sys_net_config to the new sys_dl_config privilege in order to be
>> in-line with other GLDv3 datalink administration ioctls. The
>> net_rawaccess privilege will still be required for WiFi operations,
>> however, since libdladm.so still has to open /dev/net DLPI nodes in
>> order to issue WiFi ioctls.
>>
>
> This all looks good. One note: the excess privilege needed to open
> DLPI nodes affects other things as well. There are applications that
> would like to read out the interface MAC addresses but currently
> cannot do so because it requires privilege. It's not part of this
> project, but we probably have to address that one-privilege-for-all-
> access scheme for DLPI at some point in the future.
>
To my mind, the fix for this belongs in libdlpi or libdladm. Folks
using DLPI directly would probably be doing so primarily for
portability, and the ability to access DLPI as anything other than root
is not portable.
That said, my guess is that there could also be significant fallout from
changing the DLPI so that open() succeeds, but subsequent DLPI
operations fail. I would not be surprised to learn that applications
aren't designed to properly handle failure when doing operations like
DL_BIND_REQ. (Generally, at least for ethernet, DLPI operations never
fail once the stream is attached -- either via DL_ATTACH_REQ or via
style 1 open.)
-- Garrett
