diff options
Diffstat (limited to 'net/core')
-rw-r--r-- | net/core/net_namespace.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c index 2e9a3132b8dd..8acce01b6dab 100644 --- a/net/core/net_namespace.c +++ b/net/core/net_namespace.c @@ -649,7 +649,8 @@ static int netns_install(struct nsproxy *nsproxy, void *ns) { struct net *net = ns; - if (!ns_capable(net->user_ns, CAP_SYS_ADMIN)) + if (!ns_capable(net->user_ns, CAP_SYS_ADMIN) || + !nsown_capable(CAP_SYS_ADMIN)) return -EPERM; put_net(nsproxy->net_ns); |