git.baikalelectronics.ru Git - kernel.git/commit

author	Maciej Żenczykowski <maze@google.com>
	Tue, 23 Nov 2021 20:37:15 +0000 (12:37 -0800)
committer	Jakub Kicinski <kuba@kernel.org>
	Thu, 25 Nov 2021 02:57:05 +0000 (18:57 -0800)
commit	d05d08d9873d14a6ee588d0253b5026b0a9aa744
tree	3ce084ab2da800bcb11f408774bdf847bdcbebc1	tree \| snapshot
parent	711f82a09b11a2607cab0b403b79f163da6227a2	commit \| diff

net: allow SO_MARK with CAP_NET_RAW

A CAP_NET_RAW capable process can already spoof (on transmit) anything
it desires via raw packet sockets... There is no good reason to not
allow it to also be able to play routing tricks on packets from its
own normal sockets.

There is a desire to be able to use SO_MARK for routing table selection
(via ip rule fwmark) from within a user process without having to run
it as root. Granting it CAP_NET_RAW is much less dangerous than
CAP_NET_ADMIN (CAP_NET_RAW doesn't permit persistent state change,
while CAP_NET_ADMIN does - by for example allowing the reconfiguration
of the routing tables and/or bringing up/down devices).

Let's keep CAP_NET_ADMIN for persistent state changes,
while using CAP_NET_RAW for non-configuration related stuff.

Signed-off-by: Maciej Żenczykowski <maze@google.com>
Link: https://lore.kernel.org/r/20211123203715.193413-1-zenczykowski@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>