diff options
author | Linus Torvalds <torvalds@g5.osdl.org> | 2006-06-23 17:00:01 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-06-23 17:00:01 +0200 |
commit | 199f4c9f76fd8b030405abddf294e771f888de03 (patch) | |
tree | ee4f104a7562e1fd76882bc40f2de7d90812e1df /Documentation | |
parent | Merge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/... (diff) | |
parent | [NET]: Require CAP_NET_ADMIN to create tuntap devices. (diff) | |
download | linux-199f4c9f76fd8b030405abddf294e771f888de03.tar.xz linux-199f4c9f76fd8b030405abddf294e771f888de03.zip |
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6:
[NET]: Require CAP_NET_ADMIN to create tuntap devices.
[NET]: fix net-core kernel-doc
[TCP]: Move inclusion of <linux/dmaengine.h> to correct place in <linux/tcp.h>
[IPSEC]: Handle GSO packets
[NET]: Added GSO toggle
[NET]: Add software TSOv4
[NET]: Add generic segmentation offload
[NET]: Merge TSO/UFO fields in sk_buff
[NET]: Prevent transmission after dev_deactivate
[IPV6] ADDRCONF: Fix default source address selection without CONFIG_IPV6_PRIVACY
[IPV6]: Fix source address selection.
[NET]: Avoid allocating skb in skb_pad
Diffstat (limited to 'Documentation')
-rw-r--r-- | Documentation/networking/tuntap.txt | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/Documentation/networking/tuntap.txt b/Documentation/networking/tuntap.txt index 76750fb9151a..839cbb71388b 100644 --- a/Documentation/networking/tuntap.txt +++ b/Documentation/networking/tuntap.txt @@ -39,10 +39,13 @@ Copyright (C) 1999-2000 Maxim Krasnyansky <max_mk@yahoo.com> mknod /dev/net/tun c 10 200 Set permissions: - e.g. chmod 0700 /dev/net/tun - if you want the device only accessible by root. Giving regular users the - right to assign network devices is NOT a good idea. Users could assign - bogus network interfaces to trick firewalls or administrators. + e.g. chmod 0666 /dev/net/tun + There's no harm in allowing the device to be accessible by non-root users, + since CAP_NET_ADMIN is required for creating network devices or for + connecting to network devices which aren't owned by the user in question. + If you want to create persistent devices and give ownership of them to + unprivileged users, then you need the /dev/net/tun device to be usable by + those users. Driver module autoloading |