userns: make each net (net_ns) belong to a user_ns - kernel

diff options

author	Eric W. Biederman <[email protected]>	2012-11-16 03:02:57 +0000
committer	David S. Miller <[email protected]>	2012-11-19 01:30:55 +0000
commit	d328b836823cd4a76611a45f52e208f8ce3d75d7 (patch)
tree	73c874c9e1c5c328d198c15d79eff0ad4bbd52af /net/unix/sysctl_net_unix.c
parent	netns: Deduplicate and fix copy_net_ns when !CONFIG_NET_NS (diff)
download	kernel-d328b836823cd4a76611a45f52e208f8ce3d75d7.tar.gz kernel-d328b836823cd4a76611a45f52e208f8ce3d75d7.zip

userns: make each net (net_ns) belong to a user_ns

The user namespace which creates a new network namespace owns that namespace and all resources created in it. This way we can target capability checks for privileged operations against network resources to the user_ns which created the network namespace in which the resource lives. Privilege to the user namespace which owns the network namespace, or any parent user namespace thereof, provides the same privilege to the network resource. This patch is reworked from a version originally by Serge E. Hallyn <[email protected]> Acked-by: Serge Hallyn <[email protected]> Signed-off-by: Eric W. Biederman <[email protected]> Signed-off-by: David S. Miller <[email protected]>

Diffstat (limited to 'net/unix/sysctl_net_unix.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: