[$] Finer-grained BPF tokens

Post Syndicated from corbet original https://lwn.net/Articles/947173/

Programs running in the BPF machine can, depending on how they are attached, perform a number of privileged operations; the ability to load and run those programs, thus, must be a privileged operation in its own right. Almost since the beginning of the extended-BPF era, developers have struggled to find a way to allow users to run the programs they need without giving away more privilege than is necessary. Earlier this year, the idea of a BPF token ran into some opposition from security-oriented developers. Andrii Nakryiko has since returned with an updated patch set that significantly increases the granularity of the privileges that can be conferred with a BPF token.