Jan Engelhardt wrote: > On Tuesday 2010-04-13 13:43, Patrick McHardy wrote: >> Jan Engelhardt wrote: >>> On Tuesday 2010-04-06 16:12, Patrick McHardy wrote: >>>> Jan Engelhardt wrote: >>>>> +/* Defaults, these can be overridden on the module command-line. */ >>>>> +static unsigned int condition_list_perms = S_IRUSR | S_IWUSR; >>>>> +static unsigned int condition_uid_perms; >>>>> +static unsigned int condition_gid_perms; >>>> I think it might be useful to make them overridable on a per-rule base >>>> if it doesn't cause inconsistent behaviour when sharing a condition >>>> variable. >>> That does not work; a condition variable can only be owned >>> by one uid. >> Yeah. We could allow just the creating rule to specify permissions. >> But its not necessary. > > Well, don't forget that adding a rule means creating a new table > adding two rules and throwing away the old one. > That doesn't matter. The condition either exists or it doesn't. In the later case you could specify permissions. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
