On Fri, Feb 5, 2010 at 1:19 PM, Alexey Dobriyan <adobriyan@xxxxxxxxx> wrote: > On Fri, Feb 5, 2010 at 1:16 PM, Patrick McHardy <kaber@xxxxxxxxx> wrote: >> OK testing looks fine, although I'm quite surprised that its actually >> possible to change module parameters from within non-init namespaces. >> How is this supposed to work at all? I don't see how sysfs could >> possibly provide a network namespace context ... > > > You can do in write hook > > if (!net_eq(current->nsproxy->net_ns, &init_net)) > return -EINVAL; -EPERM of course. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
