diff options
| author | serue@us.ibm.com <serue@us.ibm.com> | 2007-12-05 16:55:36 -0500 |
|---|---|---|
| committer | Dave Airlie <airlied@redhat.com> | 2008-02-04 23:33:32 -0500 |
| commit | 62f29babbc60ab572d3cecda981931d3a66123d6 (patch) | |
| tree | 54d041eaaf9fe1db8bb16a0206c53e53d2b7d44b | |
| parent | 1fa4db7d308da04f6644c5cb8eed244c200d4ed5 (diff) | |
agp: remove uid comparison as security check
In the face of containers and user namespaces, a uid==0 check for
security is not safe. Switch to a capability check.
I'm not sure I picked the right capability, but this being AGP
CAP_SYS_RAWIO seemed to make sense.
Signed-off-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: Dave Airlie <airlied@linux.ie>
| -rw-r--r-- | drivers/char/agp/frontend.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/char/agp/frontend.c b/drivers/char/agp/frontend.c index 9bd5a958954c..55d7a82bd071 100644 --- a/drivers/char/agp/frontend.c +++ b/drivers/char/agp/frontend.c | |||
| @@ -689,7 +689,7 @@ static int agp_open(struct inode *inode, struct file *file) | |||
| 689 | set_bit(AGP_FF_ALLOW_CLIENT, &priv->access_flags); | 689 | set_bit(AGP_FF_ALLOW_CLIENT, &priv->access_flags); |
| 690 | priv->my_pid = current->pid; | 690 | priv->my_pid = current->pid; |
| 691 | 691 | ||
| 692 | if ((current->uid == 0) || (current->suid == 0)) { | 692 | if (capable(CAP_SYS_RAWIO)) { |
| 693 | /* Root priv, can be controller */ | 693 | /* Root priv, can be controller */ |
| 694 | set_bit(AGP_FF_ALLOW_CONTROLLER, &priv->access_flags); | 694 | set_bit(AGP_FF_ALLOW_CONTROLLER, &priv->access_flags); |
| 695 | } | 695 | } |