diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2012-05-25 15:50:59 -0600 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-08-14 21:55:29 -0700 |
commit | 8c6e2a941ae74d850a7bf0e5b3f4cd567e0f27dc (patch) | |
tree | 4233dd4dbac8f2631ab792d521deb68ae3027c52 /init | |
parent | a6c6796c7127de55cfa9bb0cfbb082ec0acd4eab (diff) | |
download | linux-8c6e2a941ae74d850a7bf0e5b3f4cd567e0f27dc.tar.bz2 |
userns: Convert xt_LOG to print socket kuids and kgids as uids and gids
xt_LOG always writes messages via sb_add via printk. Therefore when
xt_LOG logs the uid and gid of a socket a packet came from the
values should be converted to be in the initial user namespace.
Thus making xt_LOG as user namespace safe as possible.
Cc: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: Patrick McHardy <kaber@trash.net>
Acked-by: David S. Miller <davem@davemloft.net>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'init')
-rw-r--r-- | init/Kconfig | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/init/Kconfig b/init/Kconfig index b44c3a390699..c8911eb6d500 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -945,7 +945,6 @@ config UIDGID_CONVERTED depends on NET_9P = n depends on NETFILTER_XT_MATCH_OWNER = n depends on NETFILTER_XT_MATCH_RECENT = n - depends on NETFILTER_XT_TARGET_LOG = n depends on AF_RXRPC = n depends on NET_KEY = n depends on DNS_RESOLVER = n |