Currently, this filter only takes into account 'ip netns exec' as
input but this command accepts different aliases like 'ip net e' or
'ip netn ex', etcetera. This is a security issue since bypassing
this filter basically allows anyone to execute arbitary commands
because IpFilter will get hit and there's not going to be any
further checks against CommandFilters.
Change-Id: I2f6e55de4e60f2d3a6166c2fefbc31e9afc6c26f
Closes-Bug: 1765734
Co-Authored-By: Jakub Libosvar <jlibosva@redhat.com>
Signed-off-by: Daniel Alvarez <dalvarez@redhat.com>
ed125c0c1c