On Mon, Nov 06, 2006 at 09:45:50PM -0600, Serge E. Hallyn wrote: > #define CAP_AUDIT_CONTROL 30 > > +#define CAP_NUMCAPS 31 [...] > +struct vfs_cap_data_struct { > + __u32 version; > + __u32 effective; > + __u32 permitted; > + __u32 inheritable; > +}; [...] > +static int check_cap_sanity(struct vfs_cap_data_struct *cap) > +{ > + int i; > + > + if (cap->version != _LINUX_CAPABILITY_VERSION) > + return -EPERM; > + > + for (i=CAP_NUMCAPS; i<sizeof(cap->effective); i++) { > + if (cap->effective & CAP_TO_MASK(i)) > + return -EPERM; > + } > + for (i=CAP_NUMCAPS; i<sizeof(cap->permitted); i++) { > + if (cap->permitted & CAP_TO_MASK(i)) > + return -EPERM; > + } > + for (i=CAP_NUMCAPS; i<sizeof(cap->inheritable); i++) { > + if (cap->inheritable & CAP_TO_MASK(i)) > + return -EPERM; > + } > + > + return 0; > +} for (i=31; i<4; i++) ... I'm not sure this checks what you think it checks? :) Thanks
Attachment:
pgp1R8QPaZHqt.pgp
Description: PGP signature
- Follow-Ups:
- Re: [PATCH 1/1] security: introduce file posix caps
- From: "Serge E. Hallyn" <[email protected]>
- Re: [PATCH 1/1] security: introduce file posix caps
- From: "Serge E. Hallyn" <[email protected]>
- Re: [PATCH 1/1] security: introduce file posix caps
- References:
- [PATCH 1/1] security: introduce file posix caps
- From: "Serge E. Hallyn" <[email protected]>
- [PATCH 1/1] security: introduce file posix caps
- Prev by Date: slow UML on x86-64, soft lockups
- Next by Date: Re: Faustian Pact between Novell and Microsoft
- Previous by thread: Re: [PATCH 1/1] security: introduce file posix caps
- Next by thread: Re: [PATCH 1/1] security: introduce file posix caps
- Index(es):