leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity

net: Export ip fragment sysctl to unprivileged users

Browse Source 
Now that all the ip fragmentation related sysctls are namespaceified
there is no reason to hide them anymore from "root" users inside
containers.

Signed-off-by: Nikolay Borisov <kernel@kyup.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Nikolay Borisov 2016-02-15 12:11:32 +02:00 committed by David S. Miller
parent 0fbf4cb27e
commit 52a773d645
1 changed files with 0 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
net/ipv4/ip_fragment.c
View File

@ -789,10 +789,6 @@ static int __net_init ip4_frags_ns_ctl_register(struct net *net)
table[1].extra2 = &net->ipv4.frags.high_thresh;
table[2].data = &net->ipv4.frags.timeout;
table[3].data = &net->ipv4.frags.max_dist;
/* Don't export sysctls to unprivileged users */
if (net->user_ns != &init_user_ns)
table[0].procname = NULL;
}
hdr = register_net_sysctl(net, "net/ipv4", table);