On Mon, 1 Mar 2021 at 10:04, Christian Brauner <christian.brauner@xxxxxxxxxx> wrote: > > Hey Lorenz, > > Just to make sure: is it intentional that any user can retrieve the > cookie associated with any network namespace, i.e. you don't require any > form of permission checking in the owning user namespace of the network > namespace? > > Christian Hi Christian, I've decided to drop the patch set for now, but that was my intention, yes. Is there a downside I'm not aware of? Lorenz -- Lorenz Bauer | Systems Engineer 6th Floor, County Hall/The Riverside Building, SE1 7PB, UK www.cloudflare.com
