diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2012-05-25 17:50:59 -0400 |
|---|---|---|
| committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-08-15 00:55:29 -0400 |
| commit | 8c6e2a941ae74d850a7bf0e5b3f4cd567e0f27dc (patch) | |
| tree | 4233dd4dbac8f2631ab792d521deb68ae3027c52 /init | |
| parent | a6c6796c7127de55cfa9bb0cfbb082ec0acd4eab (diff) | |
userns: Convert xt_LOG to print socket kuids and kgids as uids and gids
xt_LOG always writes messages via sb_add via printk. Therefore when
xt_LOG logs the uid and gid of a socket a packet came from the
values should be converted to be in the initial user namespace.
Thus making xt_LOG as user namespace safe as possible.
Cc: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: Patrick McHardy <kaber@trash.net>
Acked-by: David S. Miller <davem@davemloft.net>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'init')
| -rw-r--r-- | init/Kconfig | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/init/Kconfig b/init/Kconfig index b44c3a390699..c8911eb6d500 100644 --- a/init/Kconfig +++ b/init/Kconfig | |||
| @@ -945,7 +945,6 @@ config UIDGID_CONVERTED | |||
| 945 | depends on NET_9P = n | 945 | depends on NET_9P = n |
| 946 | depends on NETFILTER_XT_MATCH_OWNER = n | 946 | depends on NETFILTER_XT_MATCH_OWNER = n |
| 947 | depends on NETFILTER_XT_MATCH_RECENT = n | 947 | depends on NETFILTER_XT_MATCH_RECENT = n |
| 948 | depends on NETFILTER_XT_TARGET_LOG = n | ||
| 949 | depends on AF_RXRPC = n | 948 | depends on AF_RXRPC = n |
| 950 | depends on NET_KEY = n | 949 | depends on NET_KEY = n |
| 951 | depends on DNS_RESOLVER = n | 950 | depends on DNS_RESOLVER = n |