From e4d343ea92bdce831f071d9706b2daf097e6d009 Mon Sep 17 00:00:00 2001 From: Gao feng Date: Thu, 31 Jan 2013 16:30:59 +0000 Subject: [PATCH] netns: bridge: allow unprivileged users add/delete mdb entry since the mdb table is belong to bridge device,and the bridge device can only be seen in one netns. So it's safe to allow unprivileged user which is the creator of userns and netns to modify the mdb table. Signed-off-by: Gao feng Signed-off-by: David S. Miller --- net/bridge/br_mdb.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/net/bridge/br_mdb.c b/net/bridge/br_mdb.c index acc9f4cc18f7..38991e03646d 100644 --- a/net/bridge/br_mdb.c +++ b/net/bridge/br_mdb.c @@ -272,9 +272,6 @@ static int br_mdb_parse(struct sk_buff *skb, struct nlmsghdr *nlh, struct net_device *dev; int err; - if (!capable(CAP_NET_ADMIN)) - return -EPERM; - err = nlmsg_parse(nlh, sizeof(*bpm), tb, MDBA_SET_ENTRY, NULL); if (err < 0) return err; -- 2.20.1