- To: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Subject: Re: [PATCH] userns: Replace netlink uses of cap_raised with capable.
- From: James Morris <jmorris@xxxxxxxxx>
- Date: Wed, 4 Apr 2012 14:06:19 +1000 (EST)
- Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, "Serge E. Hallyn" <serge@xxxxxxxxxx>, Philipp Reisner <philipp.reisner@xxxxxxxxxx>, Patrick McHardy <kaber@xxxxxxxxx>, Andrew Morgan <morgan@xxxxxxxxxx>, Vasiliy Kulikov <segoon@xxxxxxxxxxxx>, David Howells <dhowells@xxxxxxxxxx>, Neil Brown <neilb@xxxxxxx>, Michal Januszewski <spock@xxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, linux-security-module@xxxxxxxxxxxxxxx, linux-fbdev@xxxxxxxxxxxxxxx, linux-raid@xxxxxxxxxxxxxxx
- In-reply-to: <m1mx6sz2f2.fsf@fess.ebiederm.org>
- User-agent: Alpine 2.02 (LRH 1266 2009-07-14)
On Tue, 3 Apr 2012, Eric W. Biederman wrote:
> In the initial user_namespace the only difference between between
> cap_raised(current_cap(), CAP_SYS_ADMIN) and capable(CAP_SYS_ADMIN)
> are a few sanity checks and the fact that capable(CAP_SYS_ADMIN)
> sets PF_SUPERPRIV if we use the capability.
>
> Since we are going to be using root privilege setting PF_SUPERPRIV
> seems the right thing to do.
Agreed.
Reviewed-by: James Morris <james.l.morris@xxxxxxxxxx>
- James
--
James Morris
<jmorris@xxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-raid" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
[ATA RAID]
[Linux SCSI Target Infrastructure]
[Managing RAID on Linux]
[Linux IDE]
[Linux SCSI]
[Linux Hams]
[Device-Mapper]
[Kernel]
[Linux Books]
[Linux Admin]
[Linux Net]
[GFS]
[RPM]
[git]
[Photos]
[Yosemite Photos]
[Yosemite News]
[AMD 64]
[Linux Networking]
