Isn't it still a large impact if a single user can, either in error, or maliciously, break DHCP for all subnets sharing a DHCP agent?
Last time this came up for us, I was able to work around it as only some kernel versions (see up-thread) are affected, but it would be great if the "blast radius" of a broken DHCP process could be limited to the misconfigured network/namespace.
Isn't it still a large impact if a single user can, either in error, or maliciously, break DHCP for all subnets sharing a DHCP agent?
Last time this came up for us, I was able to work around it as only some kernel versions (see up-thread) are affected, but it would be great if the "blast radius" of a broken DHCP process could be limited to the misconfigured network/namespace.