[NETFILTER] nfnetlink: unconditionally require CAP_NET_ADMIN

This patch unconditionally requires CAP_NET_ADMIN for all nfnetlink messages. It also removes the per-message cap_required field, since all existing subsystems use CAP_NET_ADMIN for all their messages anyway. Patrick McHardy owes me a beer if we ever need to re-introduce this. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Harald Welte <laforge@netfilter.org> 2005-11-14 15:24:59 -0800
committer: David S. Miller <davem@davemloft.net> 2005-11-14 15:24:59 -0800
commit: 37d2e7a20d745035b600f1a6be56cbb9c7259419 (patch)
tree: c76e0ba522d34c8b3021bf0f012632f7877f5281 /include/linux
parent: 3746a2b1402e7933c7f1eabdce384b8454dc2ef7 (diff)
download: linux-3.10-37d2e7a20d745035b600f1a6be56cbb9c7259419.tar.gz
linux-3.10-37d2e7a20d745035b600f1a6be56cbb9c7259419.tar.bz2
linux-3.10-37d2e7a20d745035b600f1a6be56cbb9c7259419.zip
1 files changed, 0 insertions, 1 deletions
diff --git a/include/linux/netfilter/nfnetlink.h b/include/linux/netfilter/nfnetlink.h
index 8be2f840a55..934a2479f16 100644
--- a/include/linux/netfilter/nfnetlink.h
+++ b/include/linux/netfilter/nfnetlink.h
@@ -112,7 +112,6 @@ struct nfnl_callback
 {
 	int (*call)(struct sock *nl, struct sk_buff *skb, 
 		struct nlmsghdr *nlh, struct nfattr *cda[], int *errp);
-	kernel_cap_t cap_required; /* capabilities required for this msg */
 	u_int16_t attr_count;	/* number of nfattr's */
 };
author	Harald Welte <laforge@netfilter.org>	2005-11-14 15:24:59 -0800
committer	David S. Miller <davem@davemloft.net>	2005-11-14 15:24:59 -0800
commit	37d2e7a20d745035b600f1a6be56cbb9c7259419 (patch)
tree	c76e0ba522d34c8b3021bf0f012632f7877f5281 /include/linux
parent	3746a2b1402e7933c7f1eabdce384b8454dc2ef7 (diff)
download	linux-3.10-37d2e7a20d745035b600f1a6be56cbb9c7259419.tar.gz linux-3.10-37d2e7a20d745035b600f1a6be56cbb9c7259419.tar.bz2 linux-3.10-37d2e7a20d745035b600f1a6be56cbb9c7259419.zip