linux-stable-rt/net/bridge/netfilter
Florian Westphal dce766af54 netfilter: ebtables: enforce CAP_NET_ADMIN
normal users are currently allowed to set/modify ebtables rules.
Restrict it to processes with CAP_NET_ADMIN.

Note that this cannot be reproduced with unmodified ebtables binary
because it uses SOCK_RAW.

Signed-off-by: Florian Westphal <fwestphal@astaro.com>
Cc: stable@kernel.org
Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-01-08 17:31:24 +01:00
..
Kconfig
Makefile
ebt_802_3.c
ebt_among.c
ebt_arp.c
ebt_arpreply.c
ebt_dnat.c
ebt_ip.c
ebt_ip6.c
ebt_limit.c
ebt_log.c netfilter: ebtables: Use %pM conversion specifier 2009-08-10 10:10:55 +02:00
ebt_mark.c
ebt_mark_m.c
ebt_nflog.c
ebt_pkttype.c
ebt_redirect.c
ebt_snat.c
ebt_stp.c net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
ebt_ulog.c netfilter: ebt_ulog: fix checkentry return value 2009-09-01 14:34:01 +02:00
ebt_vlan.c
ebtable_broute.c netfilter: xtables: mark initial tables constant 2009-08-24 14:56:30 +02:00
ebtable_filter.c netfilter: xtables: mark initial tables constant 2009-08-24 14:56:30 +02:00
ebtable_nat.c netfilter: xtables: switch hook PFs to nfproto 2009-08-10 13:35:21 +02:00
ebtables.c netfilter: ebtables: enforce CAP_NET_ADMIN 2010-01-08 17:31:24 +01:00