| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1359685860-29636-3-git-send-email-gaofeng@cn.fujitsu.com> Date: Fri, 1 Feb 2013 10:30:59 +0800 From: Gao feng <gaofeng@...fujitsu.com> To: davem@...emloft.net Cc: netdev@...r.kernel.org, containers@...ts.linux-foundation.org, ebiederm@...ssion.com, serge@...lyn.com, pablo@...filter.org, amwang@...hat.com, Gao feng <gaofeng@...fujitsu.com> Subject: [PATCH net-next 3/4] netns: bridge: allow unprivileged users add/delete mdb entry since the mdb table is belong to bridge device,and the bridge device can only be seen in one netns. So it's safe to allow unprivileged user which is the creator of userns and netns to modify the mdb table. Signed-off-by: Gao feng <gaofeng@...fujitsu.com> --- net/bridge/br_mdb.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/net/bridge/br_mdb.c b/net/bridge/br_mdb.c index acc9f4c..38991e0 100644 --- a/net/bridge/br_mdb.c +++ b/net/bridge/br_mdb.c @@ -272,9 +272,6 @@ static int br_mdb_parse(struct sk_buff *skb, struct nlmsghdr *nlh, struct net_device *dev; int err; - if (!capable(CAP_NET_ADMIN)) - return -EPERM; - err = nlmsg_parse(nlh, sizeof(*bpm), tb, MDBA_SET_ENTRY, NULL); if (err < 0) return err; -- 1.7.11.7 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists