On Mon, 10 Jul 2017 14:08:31 +0200 Matteo Croce <mcr...@redhat.com> wrote:
> Hi Phil, > > I noticed that your patch still leaves an uncovered scenario, the one where > the > namespace name is "." or "..". > Calling 'ip netns del ..' will remove /var/run which is a symlink to /run on > most systems causing some daemons, eg. dbus, to fail. > > ip netns doesn't validate input, allowing creation and deletion of files > relatives to /var/run/netns. > This patch denies creation or deletion of namespaces with names contaning > "/" or that matches exactly "." or "..". > --- > ip/ipnetns.c | 10 ++++++++++ > 1 file changed, 10 insertions(+) > The patch itself is good, but the commit message needs fixing. Please rewrite it to describe the problem, and add signed-off-by
