summaryrefslogtreecommitdiff
path: root/net/ipv6/sysctl_net_ipv6.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/ipv6/sysctl_net_ipv6.c')
-rw-r--r--net/ipv6/sysctl_net_ipv6.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c
index e85c48bd404..b06fd078e6c 100644
--- a/net/ipv6/sysctl_net_ipv6.c
+++ b/net/ipv6/sysctl_net_ipv6.c
@@ -52,6 +52,10 @@ static int __net_init ipv6_sysctl_net_init(struct net *net)
goto out;
ipv6_table[0].data = &net->ipv6.sysctl.bindv6only;
+ /* Don't export sysctls to unprivileged users */
+ if (net->user_ns != &init_user_ns)
+ ipv6_table[0].procname = NULL;
+
ipv6_route_table = ipv6_route_sysctl_init(net);
if (!ipv6_route_table)
goto out_ipv6_table;
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-04 05:19:37 +0000