projects
/
linux-2.6-block.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid check
[linux-2.6-block.git]
/
security
/
selinux
/
hooks.c
diff --git
a/security/selinux/hooks.c
b/security/selinux/hooks.c
index 78c3f98fcdcfa94b2bf72a2bbcc7158b11756eba..520b9998123efa9a65f41f665105aaaada6d47d7 100644
(file)
--- a/
security/selinux/hooks.c
+++ b/
security/selinux/hooks.c
@@
-2318,7
+2318,7
@@
static int selinux_inode_setxattr(struct dentry *dentry, char *name, void *value
if (sbsec->behavior == SECURITY_FS_USE_MNTPOINT)
return -EOPNOTSUPP;
- if (
(current->fsuid != inode->i_uid) && !capable(CAP_FOWNER
))
+ if (
!is_owner_or_cap(inode
))
return -EPERM;
AVC_AUDIT_DATA_INIT(&ad,FS);