Skip to content

Commit

Permalink
Revert "capabitlies: ns_capable can use the cap helpers rather than l…
Browse files Browse the repository at this point in the history
…sm call"

This reverts commit d2a7009.

J. R. Okajima explains:

 "After this commit, I am afraid access(2) on NFS may not work
  correctly.  The scenario based upon my guess.
   - access(2) overrides the credentials.
   - calls inode_permission() -- ... -- generic_permission() --
      ns_capable().
   - while the old ns_capable() calls security_capable(current_cred()),
     the new ns_capable() calls has_ns_capability(current) --
     security_capable(__task_cred(t)).

  current_cred() returns current->cred which is effective (overridden)
  credentials, but __task_cred(current) returns current->real_cred (the
  NFSD's credential).  And the overridden credentials by access(2) lost."

Requested-by: J. R. Okajima <[email protected]>
Acked-by: Eric Paris <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
  • Loading branch information
torvalds committed Jan 17, 2012
1 parent c2bc3a3 commit 951880e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion kernel/capability.c
Original file line number Diff line number Diff line change
Expand Up @@ -384,7 +384,7 @@ bool ns_capable(struct user_namespace *ns, int cap)
BUG();
}

if (has_ns_capability(current, ns, cap)) {
if (security_capable(current_cred(), ns, cap) == 0) {
current->flags |= PF_SUPERPRIV;
return true;
}
Expand Down

0 comments on commit 951880e

Please sign in to comment.