diff options
Diffstat (limited to 'net')
-rw-r--r-- | net/core/net_namespace.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c index 6456439cbbd9..ec2870b44c1f 100644 --- a/net/core/net_namespace.c +++ b/net/core/net_namespace.c @@ -630,8 +630,13 @@ static void netns_put(void *ns) static int netns_install(struct nsproxy *nsproxy, void *ns) { + struct net *net = ns; + + if (!ns_capable(net->user_ns, CAP_SYS_ADMIN)) + return -EPERM; + put_net(nsproxy->net_ns); - nsproxy->net_ns = get_net(ns); + nsproxy->net_ns = get_net(net); return 0; } |