Re: [PATCH v3 net-next 3/5] sock: ULP infrastructure

[Hannes Frederic Sowa]

Tom Herbert <t...@quantonium.net> writes:

> +#ifdef CONFIG_MODULES
> +     if (!ulp && capable(CAP_NET_ADMIN)) {
> +             rcu_read_unlock();
> +             request_module("%s", name);
> +             rcu_read_lock();
> +             ulp = ulp_find(name);
> +     }
> +#endif

It looks to me that this allows users with only CAP_NET_ADMIN
privileges to load every module?