Hi, In ipv6_sockglue.c I noticed:
/* hop-by-hop / destination options are privileged option */
retv = -EPERM;
if (optname != IPV6_RTHDR && !ns_capable(net->user_ns, CAP_NET_RAW))
break;
Can anyone provide that rationale as to why these are privileged ops?
Thanks,
Tom
