summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorFlorian Westphal <fwestphal@astaro.com>2010-01-08 17:31:24 +0100
committerPatrick McHardy <kaber@trash.net>2010-01-08 17:31:24 +0100
commitdce766af541f6605fa9889892c0280bab31c66ab (patch)
treefd9a11a09bf038336429f33dc092333aa745edb1 /lib
parentaaff23a95aea5f000895f50d90e91f1e2f727002 (diff)
downloadlinux-stable-dce766af541f6605fa9889892c0280bab31c66ab.tar.gz
linux-stable-dce766af541f6605fa9889892c0280bab31c66ab.tar.bz2
linux-stable-dce766af541f6605fa9889892c0280bab31c66ab.zip
netfilter: ebtables: enforce CAP_NET_ADMIN
normal users are currently allowed to set/modify ebtables rules. Restrict it to processes with CAP_NET_ADMIN. Note that this cannot be reproduced with unmodified ebtables binary because it uses SOCK_RAW. Signed-off-by: Florian Westphal <fwestphal@astaro.com> Cc: stable@kernel.org Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'lib')
0 files changed, 0 insertions, 0 deletions