[Devel] Re: [PATCH 4/6] add SO_NSID and SO_NETNS socket options

Eric W. Biederman Thu, 30 Oct 2008 16:11:30 -0700

> +     case SO_NSID:
> +             if (!capable(CAP_NET_ADMIN)) {
> +                     ret = -EPERM;
> +             } else {
> +                     struct net *old_net, *new_net;
> +
> +                     ret = -EINVAL;
> +                     new_net = get_net_ns_by_id(val);
> +                     if (new_net) {
> +                             ret = 0;
> +                             old_net = sock_net(sk);
> +                             sock_net_set(sk, get_net(new_net));
> +                             put_net(old_net);
> +                     }
> +             }


Ouch.  This is incomplete.  We can't perform this transformation on a bound 
socket.
And I don't see anything that would prevent that. 

Eric

_______________________________________________
Containers mailing list
[EMAIL PROTECTED]
https://lists.linux-foundation.org/mailman/listinfo/containers

_______________________________________________
Devel mailing list
[email protected]
https://openvz.org/mailman/listinfo/devel

[Devel] Re: [PATCH 4/6] add SO_NSID and SO_NETNS socket options

Reply via email to