|
|
|
Re: [PATCH 22/43] userns: Convert capabilities related permsion checks | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
"Serge E. Hallyn" <serge@xxxxxxxxxx> writes: > Quoting Eric W. Beiderman (ebiederm@xxxxxxxxxxxx): >> From: Eric W. Biederman <ebiederm@xxxxxxxxxxxx> >> >> - Use uid_eq when comparing kuids >> Use gid_eq when comparing kgids >> - Use __make_kuid(user_ns, 0) to talk about the user_namespace root uid >> Use __make_kgid(user_ns, 0) to talk about the user_namespace root gid >> >> Signed-off-by: Eric W. Biederman <ebiederm@xxxxxxxxxxxx> > > Acked-by: Serge Hallyn <serge.hallyn@xxxxxxxxxxxxx> > > though, nit, > >> --- >> fs/open.c | 3 ++- >> security/commoncap.c | 43 ++++++++++++++++++++++++++++--------------- >> 2 files changed, 30 insertions(+), 16 deletions(-) >> >> diff --git a/security/commoncap.c b/security/commoncap.c >> index dbd465a..9bf8df8 100644 >> --- a/security/commoncap.c >> +++ b/security/commoncap.c >> @@ -472,19 +472,24 @@ int cap_bprm_set_creds(struct linux_binprm *bprm) >> struct cred *new = bprm->cred; >> bool effective, has_cap = false; >> int ret; >> + kuid_t root_uid; >> + kgid_t root_gid; > > the root_gid is assigned but never used. Thanks snipped. It doesn't look like there will ever be a use for it. >> >> effective = false; >> ret = get_file_caps(bprm, &effective, &has_cap); >> if (ret < 0) >> return ret; >> >> + root_uid = make_kuid(new->user_ns, 0); >> + root_gid = make_kgid(new->user_ns, 0); >> + Eric -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
[Linux Ext4 Filesystem] [Ecryptfs] [AutoFS] [Kernel Newbies] [Share Photos] [Security] [Netfilter] [Bugtraq] [Photo] [Yosemite] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux Cachefs] [Reiser Filesystem] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper] [CEPH Filesystem]
|