|
Greetings! I'm trying to write a widget, which reports intel CPUs power consumption. For that, the widget needs access to /dev/cpu/.../msr, as well as ability to load kernel modules cpuid and msr. I can set CAP_SYS_RAWIO capability to get the access, but the problem is that /dev/cpu/.../msr & cpuid files can only be read and written by root. Which i find stupid, since the simple widget still needs to acquire the whole root just to report power usage. And that is exactly what "the capability" feature was trying to prevent. It would have been more sane, if those files were accessible for rw by anyone, since access to them now requires the CAP_SYS_RAWIO capability anyway. In this case, the widget won't need the whole root, but just the capability. Same applies to CAP_SYS_MODULE for loading/removing kernel modules. Generally speaking, I think the root access policies should be reconsidered with the introduction of the capability system. |
-- Ubuntu-devel-discuss mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
