path: root/kernel/capability.c
diff options
authorLinus Torvalds <torvalds@linux-foundation.org>2012-01-17 10:19:41 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2012-01-17 10:19:41 -0800
commit951880e634a79884236a575b896abf55c39ae0bf (patch)
treeb23ec5a95cd72083227ed5b7396e2f8799f4a58c /kernel/capability.c
parentc2bc3a316a7281f67e36b34dac2802cbe36a9128 (diff)
Revert "capabitlies: ns_capable can use the cap helpers rather than lsm call"
This reverts commit d2a7009f0bb03fa22ad08dd25472efa0568126b9. J. R. Okajima explains: "After this commit, I am afraid access(2) on NFS may not work correctly. The scenario based upon my guess. - access(2) overrides the credentials. - calls inode_permission() -- ... -- generic_permission() -- ns_capable(). - while the old ns_capable() calls security_capable(current_cred()), the new ns_capable() calls has_ns_capability(current) -- security_capable(__task_cred(t)). current_cred() returns current->cred which is effective (overridden) credentials, but __task_cred(current) returns current->real_cred (the NFSD's credential). And the overridden credentials by access(2) lost." Requested-by: J. R. Okajima <hooanon05@yahoo.co.jp> Acked-by: Eric Paris <eparis@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'kernel/capability.c')
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/capability.c b/kernel/capability.c
index 0fcf1c14a29..3f1adb6c647 100644
--- a/kernel/capability.c
+++ b/kernel/capability.c
@@ -384,7 +384,7 @@ bool ns_capable(struct user_namespace *ns, int cap)
- if (has_ns_capability(current, ns, cap)) {
+ if (security_capable(current_cred(), ns, cap) == 0) {
current->flags |= PF_SUPERPRIV;
return true;