net: Export ip fragment sysctl to unprivileged users

Now that all the ip fragmentation related sysctls are namespaceified there is no reason to hide them anymore from "root" users inside containers. Signed-off-by: N Nikolay Borisov <kernel@kyup.com> Signed-off-by: N David S. Miller <davem@davemloft.net>

net: Export ip fragment sysctl to unprivileged users
Now that all the ip fragmentation related sysctls are namespaceified there is no reason to hide them anymore from "root" users inside containers. Signed-off-by: N Nikolay Borisov <kernel@kyup.com> Signed-off-by: N David S. Miller <davem@davemloft.net>
52a773d6 · Nikolay Borisov · David S. Miller · 0fbf4cb2 · 52a773d6
隐藏空白更改
内联并排

Showing with 0 addition and 4 deletion

net/ipv4/ip_fragment.c net/ipv4/ip_fragment.c +0 -4

未找到文件。
--- a/net/ipv4/ip_fragment.c
+++ b/net/ipv4/ip_fragment.c
@@ -789,10 +789,6 @@ static int __net_init ip4_frags_ns_ctl_register(struct net *net)
 		table[1].extra2 = &net->ipv4.frags.high_thresh;
 		table[2].data = &net->ipv4.frags.timeout;
 		table[3].data = &net->ipv4.frags.max_dist;
-
-		/* Don't export sysctls to unprivileged users */
-		if (net->user_ns != &init_user_ns)
-			table[0].procname = NULL;
 	}

 	hdr = register_net_sysctl(net, "net/ipv4", table);