forge/linux-pinenote
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
linux-pinenote/net/bridge
History
Florian Westphal dce766af54 netfilter: ebtables: enforce CAP_NET_ADMIN 
normal users are currently allowed to set/modify ebtables rules.
Restrict it to processes with CAP_NET_ADMIN.

Note that this cannot be reproduced with unmodified ebtables binary
because it uses SOCK_RAW.

Signed-off-by: Florian Westphal <fwestphal@astaro.com>
Cc: stable@kernel.org
Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-01-08 17:31:24 +01:00
..
netfilter netfilter: ebtables: enforce CAP_NET_ADMIN 2010-01-08 17:31:24 +01:00
br.c bridge: Use rcu_barrier() instead of syncronize_net() on unload. 2009-06-26 13:51:32 -07:00
br_device.c bridge: Allow enable/disable UFO on bridge device via ethtool 2009-10-07 22:00:24 -07:00
br_fdb.c net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
br_forward.c net/bridge: Add 'hairpin' port forwarding mode 2009-08-13 16:26:11 -07:00
br_if.c cfg80211: disallow bridging managed/adhoc interfaces 2009-11-19 11:08:54 -05:00
br_input.c bridge: relay bridge multicast pkgs if !STP 2009-05-17 21:12:54 -07:00
br_ioctl.c bridge: remove dev_put() in add_del_if() 2009-11-05 22:34:16 -08:00
br_netfilter.c sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
br_netlink.c
br_notify.c
br_private.h netdev: convert pseudo-devices to netdev_tx_t 2009-09-01 01:13:07 -07:00
br_private_stp.h
br_stp.c net: mark read-only arrays as const 2009-08-05 10:42:58 -07:00
br_stp_bpdu.c
br_stp_if.c
br_stp_timer.c
br_sysfs_br.c net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
br_sysfs_if.c net/bridge: Add 'hairpin' port forwarding mode 2009-08-13 16:26:11 -07:00
Kconfig
Makefile