Merge branch 'next' into for-linus

author: Dmitry Torokhov <dmitry.torokhov@gmail.com> 2011-07-27 00:54:47 -0700
committer: Dmitry Torokhov <dmitry.torokhov@gmail.com> 2011-07-27 00:54:47 -0700
commit: aa7eb8e78d8ecd6cd0475d86ea8385ff9cb47ece (patch)
tree: 3f9e98fadd5124fb05e8f6f9b06aa23698d4f215 /security/commoncap.c
parent: cca8edfd2ec2a34d9f50f593bc753bb11e1bc1f5 (diff)
parent: 3c6b50141ef9f0a8844bf1357b80c0cdf518bf05 (diff)
1 files changed, 4 insertions, 9 deletions
diff --git a/security/commoncap.c b/security/commoncap.c
index f20e984ccfb..a93b3b73307 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -529,15 +529,10 @@ skip:
 	new->suid = new->fsuid = new->euid;
 	new->sgid = new->fsgid = new->egid;
 
-	/* For init, we want to retain the capabilities set in the initial
-	 * task.  Thus we skip the usual capability rules
-	 */
-	if (!is_global_init(current)) {
-		if (effective)
-			new->cap_effective = new->cap_permitted;
-		else
-			cap_clear(new->cap_effective);
-	}
+	if (effective)
+		new->cap_effective = new->cap_permitted;
+	else
+		cap_clear(new->cap_effective);
 	bprm->cap_effective = effective;
 
 	/*
author	Dmitry Torokhov <dmitry.torokhov@gmail.com>	2011-07-27 00:54:47 -0700
committer	Dmitry Torokhov <dmitry.torokhov@gmail.com>	2011-07-27 00:54:47 -0700
commit	aa7eb8e78d8ecd6cd0475d86ea8385ff9cb47ece (patch)
tree	3f9e98fadd5124fb05e8f6f9b06aa23698d4f215 /security/commoncap.c
parent	cca8edfd2ec2a34d9f50f593bc753bb11e1bc1f5 (diff)
parent	3c6b50141ef9f0a8844bf1357b80c0cdf518bf05 (diff)