diff options
Diffstat (limited to 'security/dummy.c')
| -rw-r--r-- | security/dummy.c | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/security/dummy.c b/security/dummy.c index bc43d4c7383e..6d895ade73de 100644 --- a/security/dummy.c +++ b/security/dummy.c | |||
| @@ -37,15 +37,13 @@ static int dummy_capget (struct task_struct *target, kernel_cap_t * effective, | |||
| 37 | kernel_cap_t * inheritable, kernel_cap_t * permitted) | 37 | kernel_cap_t * inheritable, kernel_cap_t * permitted) |
| 38 | { | 38 | { |
| 39 | *effective = *inheritable = *permitted = 0; | 39 | *effective = *inheritable = *permitted = 0; |
| 40 | if (!issecure(SECURE_NOROOT)) { | 40 | if (target->euid == 0) { |
| 41 | if (target->euid == 0) { | 41 | *permitted |= (~0 & ~CAP_FS_MASK); |
| 42 | *permitted |= (~0 & ~CAP_FS_MASK); | 42 | *effective |= (~0 & ~CAP_TO_MASK(CAP_SETPCAP) & ~CAP_FS_MASK); |
| 43 | *effective |= (~0 & ~CAP_TO_MASK(CAP_SETPCAP) & ~CAP_FS_MASK); | 43 | } |
| 44 | } | 44 | if (target->fsuid == 0) { |
| 45 | if (target->fsuid == 0) { | 45 | *permitted |= CAP_FS_MASK; |
| 46 | *permitted |= CAP_FS_MASK; | 46 | *effective |= CAP_FS_MASK; |
| 47 | *effective |= CAP_FS_MASK; | ||
| 48 | } | ||
| 49 | } | 47 | } |
| 50 | return 0; | 48 | return 0; |
| 51 | } | 49 | } |