summaryrefslogtreecommitdiffstats
path: root/include/linux/capability.h
diff options
context:
space:
mode:
authorAndrew G. Morgan <morgan@kernel.org>2008-07-04 09:59:58 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2008-07-04 10:40:08 -0700
commit086f7316f0d400806d76323beefae996bb3849b1 (patch)
tree679405a89b7f8c7a75d3896e43c837b5a5115d7b /include/linux/capability.h
parentabbaeff38c00cb7f6817ec1cef406b27081ebedd (diff)
security: filesystem capabilities: fix fragile setuid fixup code
This commit includes a bugfix for the fragile setuid fixup code in the case that filesystem capabilities are supported (in access()). The effect of this fix is gated on filesystem capability support because changing securebits is only supported when filesystem capabilities support is configured.) [akpm@linux-foundation.org: coding-style fixes] Signed-off-by: Andrew G. Morgan <morgan@kernel.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'include/linux/capability.h')
-rw-r--r--include/linux/capability.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/include/linux/capability.h b/include/linux/capability.h
index fa830f8de03..02673846d20 100644
--- a/include/linux/capability.h
+++ b/include/linux/capability.h
@@ -501,6 +501,8 @@ extern const kernel_cap_t __cap_empty_set;
extern const kernel_cap_t __cap_full_set;
extern const kernel_cap_t __cap_init_eff_set;
+kernel_cap_t cap_set_effective(const kernel_cap_t pE_new);
+
int capable(int cap);
int __capable(struct task_struct *t, int cap);