On Sat, 14 Mar 2015, Andrew G. Morgan wrote: > > I thought I did. Please implement a lockable secure bit and I will
Would this suffice? It puts the CAP_SETPCAP limitation back to how it was in my earlier patch. Subject: ambient caps: Allow disabling with SETPCAP Do not allow setting ambient caps if CAP_SETPCAP is not set. Signed-off-by: Christoph Lameter <[email protected]> Index: linux/security/commoncap.c =================================================================== --- linux.orig/security/commoncap.c +++ linux/security/commoncap.c @@ -962,6 +962,9 @@ int cap_task_prctl(int option, unsigned if (((!cap_valid(arg3)) | arg4 | arg5)) return -EINVAL; + if (!ns_capable(current_user_ns(), CAP_SETPCAP)) + return -EPERM; + if (arg2 == PR_CAP_AMBIENT_GET) { return !!cap_raised(current_cred()->cap_ambient, arg3); } else if (arg2 != PR_CAP_AMBIENT_RAISE && -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
