> > Seems bogus extra code to me - stops things working that should be > > allowed too. > > > The timer configuration is propagated in network protocol, so > misconfigured Linux box > could survive but effect other devices on the network that are less > robust. Maybe the That would be irrelevant. CAP_NET_ADMIN lets you make that size mess anyway. > small values would cause some other bridge to crash, go infinite loop, ... > More likely robust devices might ignore our packets (because values out > of range), leading to > routing loops and other disasters. Spamming tree isn't secure, news at 11. > The kernel does need to stop administrative settings from taking out a > network. If you have CAP_NET_ADMIN you can trivially take out the network unless it is properly switched. Now you might want your pretty little GUI and/or config tools to warn people that their configuration is outside 802 specs but that is a different matter altogether Alan _______________________________________________ Bridge mailing list Bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/bridge
