summaryrefslogtreecommitdiffstats
path: root/net/appletalk
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2015-06-19 10:41:21 -0500
committerDavid S. Miller <davem@davemloft.net>2015-06-23 06:23:22 -0700
commitfdab6a4cbd8933092155449ca7253eba973ada14 (patch)
treee828a7a7716d382cc0ad63f21fe448b78584ac7a /net/appletalk
parentdfe816c5e37272f2f3c1311f0e9934e1b4229261 (diff)
downloadlinux-fdab6a4cbd8933092155449ca7253eba973ada14.tar.bz2
netfilter: nftables: Do not run chains in the wrong network namespace
Currenlty nf_tables chains added in one network namespace are being run in all network namespace. The issues are myriad with the simplest being an unprivileged user can cause any network packets to be dropped. Address this by simply not running nf_tables chains in the wrong network namespace. Cc: stable@vger.kernel.org Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Acked-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/appletalk')
0 files changed, 0 insertions, 0 deletions