On Tue, Dec 5, 2017 at 6:19 PM, David Ahern <dsah...@gmail.com> wrote:
>> +     if (!net_eq(dev_net(dev), sock_net(sk)) &&
>> +         !net_eq(dev_net(dev), &init_net)) {
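
Review bot: the second test, `!net_eq(dev_net(dev), &init_net)`, exempts every dev in init_net from the namespace match, and nothing in the hunk says why, so a reader cannot tell whether cross-namespace visibility from init_net is deliberate. Either add a short comment above the `if` stating that the exception is intended and what behaviour it preserves, or drop the second test so the check reduces to `!net_eq(dev_net(dev), sock_net(sk))`.
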
>
> Why is init_net special? Seems like snooping should be limited to the
> namespace you are in.

Depends how important it is to preserve the current "typical use case"
behavior, where the root user in the init netns can see all netlink
traffic on the system.
