diff options
author | Jens Axboe <jaxboe@fusionio.com> | 2010-06-03 06:45:28 -0400 |
---|---|---|
committer | Jens Axboe <jaxboe@fusionio.com> | 2010-06-03 06:45:28 -0400 |
commit | 419f8367ea37e5adc5d95479e8fd5554b92b49fe (patch) | |
tree | 37ed8fbd17e48fa82410a6c1a42ea8e0df2c26ae | |
parent | 6a6ca57de92fcae34603551ac944aa74758c30d4 (diff) |
pipe: change the privilege required for growing a pipe beyond system max
Change it to CAP_SYS_RESOURCE, as that more accurately models what
we want to control.
Suggested-by: Michael Kerrisk <mtk.manpages@googlemail.com>
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
-rw-r--r-- | fs/pipe.c | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -1178,7 +1178,7 @@ long pipe_fcntl(struct file *file, unsigned int cmd, unsigned long arg) | |||
1178 | nr_pages = (arg + PAGE_SIZE - 1) >> PAGE_SHIFT; | 1178 | nr_pages = (arg + PAGE_SIZE - 1) >> PAGE_SHIFT; |
1179 | nr_pages = roundup_pow_of_two(nr_pages); | 1179 | nr_pages = roundup_pow_of_two(nr_pages); |
1180 | 1180 | ||
1181 | if (!capable(CAP_SYS_ADMIN) && nr_pages > pipe_max_pages) { | 1181 | if (!capable(CAP_SYS_RESOURCE) && nr_pages > pipe_max_pages) { |
1182 | ret = -EPERM; | 1182 | ret = -EPERM; |
1183 | goto out; | 1183 | goto out; |
1184 | } else if (nr_pages < 1) { | 1184 | } else if (nr_pages < 1) { |