]> git.karo-electronics.de Git - karo-tx-linux.git/blobdiff - security/commoncap.c
projects / karo-tx-linux.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
sched/headers: Remove <linux/rwsem.h> from <linux/sched.h>
[karo-tx-linux.git] / security / commoncap.c
diff --git a/security/commoncap.c b/security/commoncap.c
index 6d4d586b9356240660e75506d3daacb7ebb8a853..78b37838a2d3e24302578581d32c0a4b0978a946 100644 (file)
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -548,9 +548,10 @@ skip:
 
        if ((is_setid ||
             !cap_issubset(new->cap_permitted, old->cap_permitted)) &&
-           bprm->unsafe & ~LSM_UNSAFE_PTRACE_CAP) {
+           ((bprm->unsafe & ~LSM_UNSAFE_PTRACE) ||
+            !ptracer_capable(current, new->user_ns))) {
                /* downgrade; they get no more than they had, and maybe less */
-               if (!capable(CAP_SETUID) ||
+               if (!ns_capable(new->user_ns, CAP_SETUID) ||
                    (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS)) {
                        new->euid = new->uid;
                        new->egid = new->gid;
Linux kernel for KaRo TX COM modules