diff options
Diffstat (limited to 'net')
| -rw-r--r-- | net/core/net_namespace.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c index 6456439cbbd9..ec2870b44c1f 100644 --- a/net/core/net_namespace.c +++ b/net/core/net_namespace.c | |||
| @@ -630,8 +630,13 @@ static void netns_put(void *ns) | |||
| 630 | 630 | ||
| 631 | static int netns_install(struct nsproxy *nsproxy, void *ns) | 631 | static int netns_install(struct nsproxy *nsproxy, void *ns) |
| 632 | { | 632 | { |
| 633 | struct net *net = ns; | ||
| 634 | |||
| 635 | if (!ns_capable(net->user_ns, CAP_SYS_ADMIN)) | ||
| 636 | return -EPERM; | ||
| 637 | |||
| 633 | put_net(nsproxy->net_ns); | 638 | put_net(nsproxy->net_ns); |
| 634 | nsproxy->net_ns = get_net(ns); | 639 | nsproxy->net_ns = get_net(net); |
| 635 | return 0; | 640 | return 0; |
| 636 | } | 641 | } |
| 637 | 642 | ||