On 10/23/20 4:02 AM, Vincent Bernat wrote: > ❦ 2 avril 2020 17:47 -07, David Miller: > >>> Currently, SO_BINDTODEVICE requires CAP_NET_RAW. This change allows a >>> non-root user to bind a socket to an interface if it is not already >>> bound. >> ... >> >> Ok I'm convinced now, thanks for your patience. > > I've got some user feedback about this patch. I didn't think the patch > would allow to circumvent routing policies on most common setups, but > VPN may setup a default route with a lower metric and an application may > (on purpose or by accident) use SO_BINDTODEVICE to circumvent the lower > metric route: > > default via 10.81.0.1 dev tun0 proto static metric 50 > default via 192.168.122.1 dev enp1s0 proto dhcp metric 100
I thought we discussed this at the time you submitted your patch. That was a known issue then, so nothing has really changed. Again, this patch just brings equivalence to TCP for capabilities in UDP and raw sockets. > > I am wondering if we should revert the patch for 5.10 while we can, > waiting for a better solution (and breaking people relying on the new > behavior in 5.9). > > Then, I can propose a patch with a sysctl to avoid breaking existing > setups. > I have not walked the details, but it seems like a security policy can be installed to get the previous behavior.
