Thanks.
Better late than ever... :)
On Sun, Dec 5, 2010 at 10:56 PM, Jan Engelhardt <jengelh@xxxxxxxxxx> wrote:
> On Sunday 2010-12-05 20:37, Alon Bar-Lev wrote:
>
>>Hello,
>>
>>I see that the cmd-owner was dropped some [long] time ago, I do not
>>know the reason, however I need this functionality.
>
> commit 34b4a4a624bafe089107966a6c56d2a1aca026d4
> Author: Christoph Hellwig <hch@xxxxxx>
> Date: Â Sun Aug 14 17:33:59 2005 -0700
>
> Â Â[NETFILTER]: Remove tasklist_lock abuse in ipt{,6}owner
>
> Â ÂRip out cmd/sid/pid matching since its unfixable broken and stands in the
> Â Âway of locking changes to tasklist_lock.
>
> Â ÂSigned-off-by: Christoph Hellwig <hch@xxxxxx>
> Â ÂSigned-off-by: Patrick McHardy <kaber@xxxxxxxxx>
> Â ÂSigned-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
>
>
> It's a little late to come with "I need this" 5 years after the fact.
>
>>Is there any alternative for this? I mean to set up a static rule that
>>assigns specific command-line netfilter acls?
>
> SELinux, SNET, or other LSMs.
>
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
