diff options
Diffstat (limited to 'ipc')
| -rw-r--r-- | ipc/namespace.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/ipc/namespace.c b/ipc/namespace.c index f362298c..6ed33c0 100644 --- a/ipc/namespace.c +++ b/ipc/namespace.c @@ -161,8 +161,12 @@ static void ipcns_put(void *ns) return put_ipc_ns(ns); } -static int ipcns_install(struct nsproxy *nsproxy, void *ns) +static int ipcns_install(struct nsproxy *nsproxy, void *new) { + struct ipc_namespace *ns = new; + if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN)) + return -EPERM; + /* Ditch state from the old ipc namespace */ exit_sem(current); put_ipc_ns(nsproxy->ipc_ns); |
