diff options
author | Andrew G. Morgan <morgan@kernel.org> | 2008-07-04 09:59:58 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-07-04 10:40:08 -0700 |
commit | 086f7316f0d400806d76323beefae996bb3849b1 (patch) | |
tree | 679405a89b7f8c7a75d3896e43c837b5a5115d7b /include/linux/capability.h | |
parent | abbaeff38c00cb7f6817ec1cef406b27081ebedd (diff) |
security: filesystem capabilities: fix fragile setuid fixup code
This commit includes a bugfix for the fragile setuid fixup code in the
case that filesystem capabilities are supported (in access()). The effect
of this fix is gated on filesystem capability support because changing
securebits is only supported when filesystem capabilities support is
configured.)
[akpm@linux-foundation.org: coding-style fixes]
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'include/linux/capability.h')
-rw-r--r-- | include/linux/capability.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/linux/capability.h b/include/linux/capability.h index fa830f8de03..02673846d20 100644 --- a/include/linux/capability.h +++ b/include/linux/capability.h @@ -501,6 +501,8 @@ extern const kernel_cap_t __cap_empty_set; extern const kernel_cap_t __cap_full_set; extern const kernel_cap_t __cap_init_eff_set; +kernel_cap_t cap_set_effective(const kernel_cap_t pE_new); + int capable(int cap); int __capable(struct task_struct *t, int cap); |