Skip to content

Commit

Permalink
file capabilities: simplify signal check
Browse files Browse the repository at this point in the history 
Simplify the uid equivalence check in cap_task_kill().  Anyone can kill a
process owned by the same uid.

Without this patch wireshark is reported to fail.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  • Loading branch information
Serge E. Hallyn authored and Linus Torvalds committed Feb 24, 2008
1 parent e5df70a commit 0949728
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion security/commoncap.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -552,7 +552,7 @@ int cap_task_kill(struct task_struct *p, struct siginfo *info,
* allowed.
* We must preserve legacy signal behavior in this case.
*/
if (p->euid == 0 && p->uid == current->uid)
if (p->uid == current->uid)
return 0;

/* sigcont is permitted within same session */
Expand Down

0 comments on commit 0949728

Please sign in to comment.