commit ffa8e59df047d57e812a04f7d6baf6a25c652c0c
Author: Eric Paris <email address hidden>
Date: Fri Apr 1 17:08:34 2011 -0400
capabilities: do not drop CAP_SETPCAP from the initial task
In olden' days of yore CAP_SETPCAP had special meaning for the init task.
We actually have code to make sure that CAP_SETPCAP wasn't in pE of things
using the init_cred. But CAP_SETPCAP isn't so special any more and we
don't have a reason to special case dropping it for init or kthreads....
Signed-off-by: Eric Paris <email address hidden>
Acked-by: Andrew G. Morgan <email address hidden>
Signed-off-by: James Morris <email address hidden>
I really appreciate checking, as changes like this *should* be scary :)
It is intentional:
commit ffa8e59df047d57 e812a04f7d6baf6 a25c652c0c
Author: Eric Paris <email address hidden>
Date: Fri Apr 1 17:08:34 2011 -0400
capabilities: do not drop CAP_SETPCAP from the initial task
In olden' days of yore CAP_SETPCAP had special meaning for the init task.
We actually have code to make sure that CAP_SETPCAP wasn't in pE of things
using the init_cred. But CAP_SETPCAP isn't so special any more and we
don't have a reason to special case dropping it for init or kthreads....
Signed-off-by: Eric Paris <email address hidden>
Acked-by: Andrew G. Morgan <email address hidden>
Signed-off-by: James Morris <email address hidden>
I really appreciate checking, as changes like this *should* be scary :)