Comment 7 for bug 256216

Roland Dreier (roland.dreier) wrote :

Seems like time is running out to address this in 8.10?

This isn't really a security issue -- the rdma_cm device node is designed to be safe for unprivileged users to access, and Debian has been shipping udev rules that give group "rdma" access for quite a while with no reported security issues. And given that no users are in group "rdma" by default anyway, administrator intervention is required for this to make a difference even with the patch applied.

I thought the objection was to having an "rdma" group, and I'd like to make progress on some more acceptable alternative mechanism, but I need some hint as to what that would be.