Commit 5d4e5137 authored by Serge Hallyn, committed by Linus Torvalds

[PATCH] capset returns -EPERM when pid==current->pid

In the current kernel/capability.c:sys_capset() code, permission is
denied if CAP_SETPCAP is not held and pid is positive.  pid=0 means use
the current process, and this is allowed.  But using the current
process' pid is not allowed.  The man page for capsetp simply says that
CAP_SETPCAP is required to use this function, and does not mention the
exception for pid=0. 

The current behavior seems inconsistent.  The attached patch also
allows a process to call capset() on itself.

Signed-off-by: Chris Wright <chrisw@osdl.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
parent 2cf17bf6
...@@ -173,7 +173,7 @@ asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data) ...@@ -173,7 +173,7 @@ asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data)
if (get_user(pid, &header->pid)) if (get_user(pid, &header->pid))
return -EFAULT; return -EFAULT;
if (pid && !capable(CAP_SETPCAP)) if (pid && pid != current->pid && !capable(CAP_SETPCAP))
return -EPERM; return -EPERM;
if (copy_from_user(&effective, &data->effective, sizeof(effective)) || if (copy_from_user(&effective, &data->effective, sizeof(effective)) ||
......
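Review bot: the new test on the changed `if (pid && pid != current->pid && !capable(CAP_SETPCAP))` line compares against current->pid, which is the calling thread's own id, so a non-leader thread that passes the value it gets from getpid() still needs CAP_SETPCAP. That is consistent with capabilities being per task, but nothing in the hunk says so. Please add a one-line comment above the check stating that pid 0 and the caller's own pid are the only values exempt from CAP_SETPCAP, since the commit message notes the man page does not document the exemption either.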