netns: bridge: allow unprivileged users add/delete mdb entry

since the mdb table is belong to bridge device,and the bridge device can only be seen in one netns. So it's safe to allow unprivileged user which is the creator of userns and netns to modify the mdb table. Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2013-01-31 16:30:59 +00:00 · 2013-01-31 16:30:59 +00:00 · e4d343ea92
commit e4d343ea92
parent bb12b8b26e
1 changed files with 0 additions and 3 deletions
--- a/net/bridge/br_mdb.c
+++ b/net/bridge/br_mdb.c
@ -272,9 +272,6 @@ static int br_mdb_parse(struct sk_buff *skb, struct nlmsghdr *nlh,
 	struct net_device *dev;
 	int err;

-	if (!capable(CAP_NET_ADMIN))
-		return -EPERM;
-
 	err = nlmsg_parse(nlh, sizeof(*bpm), tb, MDBA_SET_ENTRY, NULL);
 	if (err < 0)
 		return err;