diff options
author | Eric Paris <eparis@redhat.com> | 2011-04-01 17:08:34 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-04-04 10:31:09 +1000 |
commit | ffa8e59df047d57e812a04f7d6baf6a25c652c0c (patch) | |
tree | 099fc879024f151ff5bc400763477f1bb0ffa254 /kernel/capability.c | |
parent | 4bf2ea77dba76a22f49db3c10773896aaeeb8f66 (diff) | |
download | lwn-ffa8e59df047d57e812a04f7d6baf6a25c652c0c.tar.gz lwn-ffa8e59df047d57e812a04f7d6baf6a25c652c0c.zip |
capabilities: do not drop CAP_SETPCAP from the initial task
In olden' days of yore CAP_SETPCAP had special meaning for the init task.
We actually have code to make sure that CAP_SETPCAP wasn't in pE of things
using the init_cred. But CAP_SETPCAP isn't so special any more and we
don't have a reason to special case dropping it for init or kthreads....
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Andrew G. Morgan <morgan@kernel.org>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'kernel/capability.c')
-rw-r--r-- | kernel/capability.c | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/kernel/capability.c b/kernel/capability.c index bf0c734d0c12..2a374d512ead 100644 --- a/kernel/capability.c +++ b/kernel/capability.c @@ -23,11 +23,9 @@ const kernel_cap_t __cap_empty_set = CAP_EMPTY_SET; const kernel_cap_t __cap_full_set = CAP_FULL_SET; -const kernel_cap_t __cap_init_eff_set = CAP_INIT_EFF_SET; EXPORT_SYMBOL(__cap_empty_set); EXPORT_SYMBOL(__cap_full_set); -EXPORT_SYMBOL(__cap_init_eff_set); int file_caps_enabled = 1; |