/[linux-patches]/genpatches-2.6/historical/2.6.10/1105_capabilities-module-fix.patch
Gentoo

Contents of /genpatches-2.6/historical/2.6.10/1105_capabilities-module-fix.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 2 - (show annotations) (download) (as text)
Sat Jun 11 23:16:54 2005 UTC (15 years, 3 months ago) by dsd
File MIME type: text/x-diff
File size: 1593 byte(s)
Import historical releases
1 # This is a BitKeeper generated diff -Nru style patch.
2 #
3 # ChangeSet
4 # 2005/01/04 13:54:13-08:00 chrisw@osdl.org
5 # [PATCH] track capabilities in default dummy security module code
6 #
7 # Switch dummy logic around to set cap_* bits during exec and set*uid based
8 # on basic uid check. Then check cap_* bits during capable() (rather than
9 # doing basic uid check). This ensures that capability bits are properly
10 # initialized in case the capability module is later loaded.
11 #
12 # Signed-off-by: Chris Wright <chrisw@osdl.org>
13 # Signed-off-by: Linus Torvalds <torvalds@osdl.org>
14 #
15 # security/dummy.c
16 # 2005/01/04 13:14:10-08:00 chrisw@osdl.org +3 -4
17 # track capabilities in default dummy security module code
18 #
19 diff -Nru a/security/dummy.c b/security/dummy.c
20 --- a/security/dummy.c 2005-01-07 08:15:44 -08:00
21 +++ b/security/dummy.c 2005-01-07 08:15:44 -08:00
22 @@ -74,11 +74,8 @@
23
24 static int dummy_capable (struct task_struct *tsk, int cap)
25 {
26 - if (cap_is_fs_cap (cap) ? tsk->fsuid == 0 : tsk->euid == 0)
27 - /* capability granted */
28 + if (cap_raised (tsk->cap_effective, cap))
29 return 0;
30 -
31 - /* capability denied */
32 return -EPERM;
33 }
34
35 @@ -183,6 +180,7 @@
36
37 static void dummy_bprm_free_security (struct linux_binprm *bprm)
38 {
39 + dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
40 return;
41 }
42
43 @@ -558,6 +556,7 @@
44
45 static int dummy_task_post_setuid (uid_t id0, uid_t id1, uid_t id2, int flags)
46 {
47 + dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
48 return 0;
49 }
50

  ViewVC Help
Powered by ViewVC 1.1.20