On 15.09.2010 22:52, Jan Engelhardt wrote: > > On Wednesday 2010-09-15 22:39, Patrick McHardy wrote: >> Am 17.08.2010 10:36, schrieb Luciano Coelho: >>> +/* Defaults, these can be overridden on the module command-line. */ >>> +static unsigned int condition_list_perms = S_IRUGO | S_IWUSR; >>> +static unsigned int condition_uid_perms = 0; >>> +static unsigned int condition_gid_perms = 0; >> >> I'm not sure whether we already discussed this, but this isn't >> useful if namespaces are used since the IDs aren't global. > > Well it's also done for other xt modules that offer a procfs interface. > It does not really cost much to have this present I'd say. They should simply set the permissions for the current namespace. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
