On Tuesday 2010-04-13 13:43, Patrick McHardy wrote: >Jan Engelhardt wrote: >> On Tuesday 2010-04-06 16:12, Patrick McHardy wrote: >>> Jan Engelhardt wrote: >>>> +/* Defaults, these can be overridden on the module command-line. */ >>>> +static unsigned int condition_list_perms = S_IRUSR | S_IWUSR; >>>> +static unsigned int condition_uid_perms; >>>> +static unsigned int condition_gid_perms; >>> I think it might be useful to make them overridable on a per-rule base >>> if it doesn't cause inconsistent behaviour when sharing a condition >>> variable. >> >> That does not work; a condition variable can only be owned >> by one uid. > >Yeah. We could allow just the creating rule to specify permissions. >But its not necessary. Well, don't forget that adding a rule means creating a new table adding two rules and throwing away the old one. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
