aboutsummaryrefslogtreecommitdiffstats
path: root/fs/open.c
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2012-02-07 19:45:47 -0500
committerEric W. Biederman <ebiederm@xmission.com>2012-05-03 06:28:40 -0400
commit18815a18085364d8514c0d0c4c986776cb74272c (patch)
treea931fb2eee31aee6f8d83ef4493071b9827b1b9f /fs/open.c
parent9c806aa06f8e121c6058db8e8073798aa5c4355b (diff)
userns: Convert capabilities related permsion checks
- Use uid_eq when comparing kuids Use gid_eq when comparing kgids - Use make_kuid(user_ns, 0) to talk about the user_namespace root uid Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'fs/open.c')
-rw-r--r--fs/open.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/fs/open.c b/fs/open.c
index 5720854156db..92335f663545 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -316,7 +316,8 @@ SYSCALL_DEFINE3(faccessat, int, dfd, const char __user *, filename, int, mode)
316 316
317 if (!issecure(SECURE_NO_SETUID_FIXUP)) { 317 if (!issecure(SECURE_NO_SETUID_FIXUP)) {
318 /* Clear the capabilities if we switch to a non-root user */ 318 /* Clear the capabilities if we switch to a non-root user */
319 if (override_cred->uid) 319 kuid_t root_uid = make_kuid(override_cred->user_ns, 0);
320 if (!uid_eq(override_cred->uid, root_uid))
320 cap_clear(override_cred->cap_effective); 321 cap_clear(override_cred->cap_effective);
321 else 322 else
322 override_cred->cap_effective = 323 override_cred->cap_effective =
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-21 01:45:19 -0500