https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200185
--- Comment #10 from commit-h...@freebsd.org --- A commit references this bug: Author: kevans Date: Mon Oct 21 14:38:12 UTC 2019 New revision: 353798 URL: https://svnweb.freebsd.org/changeset/base/353798 Log: tuntap(4): restrict scope of net.link.tap.user_open slightly net.link.tap.user_open has historically allowed non-root users to do devfs cloning and open /dev/tap* nodes based on permissions. Loosen this up to make it only allow users to do devfs cloning -- we no longer check it in tunopen. This allows tap devices to be created that can actually be opened by a user, rather than swiftly restricting them to root because the magic sysctl has not been set. The sysctl has not yet been completely deprecated, because more thought is needed for how to handle the devfs cloning case. There is not an easy suitable replacement for the sysctl there, and more care needs to be placed in determining whether that's OK or not. PR: 200185 Changes: head/UPDATING head/sys/net/if_tuntap.c -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
