diff options
| author |   Harald Welte <laforge@netfilter.org> | 2005-11-14 15:24:59 -0800 |
|---|---|---|
| committer |   David S. Miller <davem@davemloft.net> | 2005-11-14 15:24:59 -0800 |
| commit | 37d2e7a20d745035b600f1a6be56cbb9c7259419 (patch) | |
| tree | c76e0ba522d34c8b3021bf0f012632f7877f5281 /net/netfilter/nfnetlink_log.c | |
| parent | [NETFILTER] nf_conntrack: Add missing code to TCP conntrack module (diff) | |
| download | linux-dev-37d2e7a20d745035b600f1a6be56cbb9c7259419.tar.xz linux-dev-37d2e7a20d745035b600f1a6be56cbb9c7259419.zip | |
[NETFILTER] nfnetlink: unconditionally require CAP_NET_ADMIN
This patch unconditionally requires CAP_NET_ADMIN for all nfnetlink
messages. It also removes the per-message cap_required field, since all
existing subsystems use CAP_NET_ADMIN for all their messages anyway.
Patrick McHardy owes me a beer if we ever need to re-introduce this.
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/netfilter/nfnetlink_log.c')
| -rw-r--r-- | net/netfilter/nfnetlink_log.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index d194676f3655..cba63729313d 100644 --- a/net/netfilter/nfnetlink_log.c +++ b/net/netfilter/nfnetlink_log.c @@ -862,11 +862,9 @@ out_put: static struct nfnl_callback nfulnl_cb[NFULNL_MSG_MAX] = { [NFULNL_MSG_PACKET] = { .call = nfulnl_recv_unsupp, - .attr_count = NFULA_MAX, - .cap_required = CAP_NET_ADMIN, }, + .attr_count = NFULA_MAX, }, [NFULNL_MSG_CONFIG] = { .call = nfulnl_recv_config, - .attr_count = NFULA_CFG_MAX, - .cap_required = CAP_NET_ADMIN }, + .attr_count = NFULA_CFG_MAX, }, }; static struct nfnetlink_subsystem nfulnl_subsys = { |