Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 1cdcbec1a3372c0c49c59d292e708fd07b509f18
commit1cdcbec1a3372c0c49c59d292e708fd07b509f18[log] [tgz]
authorDavid Howells <dhowells@redhat.com>Fri Nov 14 10:39:14 2008 +1100
committerJames Morris <jmorris@namei.org>Fri Nov 14 10:39:14 2008 +1100
treed1bd302c8d66862da45b494cbc766fb4caa5e23e
parent8bbf4976b59fc9fc2861e79cab7beb3f6d647640 [diff]
CRED: Neuter sys_capset()

Take away the ability for sys_capset() to affect processes other than current.

This means that current will not need to lock its own credentials when reading
them against interference by other processes.

This has effectively been the case for a while anyway, since:

 (1) Without LSM enabled, sys_capset() is disallowed.

 (2) With file-based capabilities, sys_capset() is neutered.

Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Acked-by: Andrew G. Morgan <morgan@kernel.org>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: James Morris <jmorris@namei.org>
6 files changed
tree: d1bd302c8d66862da45b494cbc766fb4caa5e23e
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. usr/
  20. virt/
  21. .gitignore
  22. .mailmap
  23. COPYING
  24. CREDITS
  25. Kbuild
  26. MAINTAINERS
  27. Makefile
  28. README
  29. REPORTING-BUGS