ich777/linux_media
1
0
Fork 0
mirror of https://github.com/tbsdtv/linux_media.git synced 2025-07-23 20:51:03 +02:00
Code Issues Packages Projects Releases Wiki Activity

xfs: ioctl check for capabilities in the current user namespace

Browse Source 
Use inode_capable() to check if SUID|SGID bits should be cleared to match
similar check in inode_change_ok().

The check for CAP_LINUX_IMMUTABLE was not modified since all other file
systems also check against init_user_ns rather than current_user_ns.

Only allow changing of projid from init_user_ns.

Reviewed-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Gao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Signed-off-by: Ben Myers <bpm@sgi.com>
This commit is contained in:
Dwight Engen
2013-08-15 14:08:00 -04:00
committed by Ben Myers
parent 288bbe0eeb
commit fd5e2aa865
2 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
kernel/capability.c
View File

@@ -464,3 +464,4 @@ bool inode_capable(const struct inode *inode, int cap)
return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid);
}
EXPORT_SYMBOL(inode_capable);