[prev in list] [next in list] [prev in thread] [next in thread]
List: quagga-dev
Subject: [quagga-dev 11314] Re: [PATCH v2] zebra: raise the privileges before calling socket()
From: Michal Sekletar <msekleta () redhat ! com>
Date: 2014-05-28 15:54:17
Message-ID: 20140528155416.GA23794 () morgoth ! brq ! redhat ! com
[Download RAW message or body]
On Tue, May 27, 2014 at 07:51:25PM +0200, David Lamparter wrote:
> On Mon, May 26, 2014 at 04:49:40PM +0200, Michal Sekletar wrote:
> > On Fri, May 16, 2014 at 05:13:43PM +0200, Michal Sekletar wrote:
> > > Because of recent changes when creating AF_NETLINK socket, kernel will
> > > cache capabilities of the caller and if file descriptor is used or
> > > otherwise handed to another process it will check that current user has
> > > necessary capabilities to use the socket. Hence we need to ensure we
> > > have necessary capabilities when creating the socket and at the time we
> > > use the socket.
> > >
> > > See: http://www.spinics.net/lists/netdev/msg280198.html
> > >
> > > Signed-off-by: Michal Sekletar <msekleta@redhat.com>
> > > ---
> >
> > ping?
> >
> > If there is anything wrong with this submission please let me know.
>
> Nothing wrong, just the usual speed of things in Quagga.
Wasn't sure and got a bit impatient, apologies.
>
> (Actually, the comment shouldn't have been moved in your change, but
> that's in the "fix during apply" category)
>
> Since your fix essentially fixes something that "will become a
> regression" (yes, weasling through the rules here), I've accepted it
Fedora kernel team introduced this in F20 which is our *stable* release and
users started to notice. There is not much use for routing daemon which is
unable to put routes in kernel routing tables so I wanted to get this in as
quickly as possible.
> even though we're in release window shortly before 23-rc1.
> (The regression is against "Quagga works on a recent Linux kernel")
>
> Thanks,
Thank you very much,
>
> -David
Cheers,
Michal
_______________________________________________
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic