diff options
author | Eric Paris <eparis@redhat.com> | 2011-04-01 17:08:34 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-04-03 20:31:09 -0400 |
commit | ffa8e59df047d57e812a04f7d6baf6a25c652c0c (patch) | |
tree | 099fc879024f151ff5bc400763477f1bb0ffa254 /kernel | |
parent | 4bf2ea77dba76a22f49db3c10773896aaeeb8f66 (diff) |
capabilities: do not drop CAP_SETPCAP from the initial task
In olden' days of yore CAP_SETPCAP had special meaning for the init task.
We actually have code to make sure that CAP_SETPCAP wasn't in pE of things
using the init_cred. But CAP_SETPCAP isn't so special any more and we
don't have a reason to special case dropping it for init or kthreads....
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Andrew G. Morgan <morgan@kernel.org>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/capability.c | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/kernel/capability.c b/kernel/capability.c index bf0c734d0c12..2a374d512ead 100644 --- a/kernel/capability.c +++ b/kernel/capability.c | |||
@@ -23,11 +23,9 @@ | |||
23 | 23 | ||
24 | const kernel_cap_t __cap_empty_set = CAP_EMPTY_SET; | 24 | const kernel_cap_t __cap_empty_set = CAP_EMPTY_SET; |
25 | const kernel_cap_t __cap_full_set = CAP_FULL_SET; | 25 | const kernel_cap_t __cap_full_set = CAP_FULL_SET; |
26 | const kernel_cap_t __cap_init_eff_set = CAP_INIT_EFF_SET; | ||
27 | 26 | ||
28 | EXPORT_SYMBOL(__cap_empty_set); | 27 | EXPORT_SYMBOL(__cap_empty_set); |
29 | EXPORT_SYMBOL(__cap_full_set); | 28 | EXPORT_SYMBOL(__cap_full_set); |
30 | EXPORT_SYMBOL(__cap_init_eff_set); | ||
31 | 29 | ||
32 | int file_caps_enabled = 1; | 30 | int file_caps_enabled = 1; |
33 | 31 | ||