Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c7b96acf authored by Eric W. Biederman's avatar Eric W. Biederman
Browse files

userns: Kill nsown_capable it makes the wrong thing easy 



nsown_capable is a special case of ns_capable essentially for just CAP_SETUID and
CAP_SETGID.  For the existing users it doesn't noticably simplify things and
from the suggested patches I have seen it encourages people to do the wrong
thing.  So remove nsown_capable.

Acked-by: default avatarSerge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
parent f54fb863

fs/namespace.c

+2 −2
Original line number Diff line number Diff line
@@ -2929,8 +2929,8 @@ static int mntns_install(struct nsproxy *nsproxy, void *ns) 
	struct path root;



	if (!ns_capable(mnt_ns->user_ns, CAP_SYS_ADMIN) ||

	    !nsown_capable(CAP_SYS_CHROOT) ||

	    !nsown_capable(CAP_SYS_ADMIN))

	    !ns_capable(current_user_ns(), CAP_SYS_CHROOT) ||

	    !ns_capable(current_user_ns(), CAP_SYS_ADMIN))

		return -EPERM;



	if (fs->users != 1)

fs/open.c

+1 −1
Original line number Diff line number Diff line
@@ -443,7 +443,7 @@ SYSCALL_DEFINE1(chroot, const char __user *, filename) 
		goto dput_and_out;



	error = -EPERM;

	if (!nsown_capable(CAP_SYS_CHROOT))

	if (!ns_capable(current_user_ns(), CAP_SYS_CHROOT))

		goto dput_and_out;

	error = security_path_chroot(&path);

	if (error)

include/linux/capability.h

+0 −1
Original line number Diff line number Diff line
@@ -210,7 +210,6 @@ extern bool has_ns_capability_noaudit(struct task_struct *t, 
				      struct user_namespace *ns, int cap);

extern bool capable(int cap);

extern bool ns_capable(struct user_namespace *ns, int cap);

extern bool nsown_capable(int cap);

extern bool inode_capable(const struct inode *inode, int cap);

extern bool file_ns_capable(const struct file *file, struct user_namespace *ns, int cap);

ipc/namespace.c

+1 −1
Original line number Diff line number Diff line
@@ -171,7 +171,7 @@ static int ipcns_install(struct nsproxy *nsproxy, void *new) 
{

	struct ipc_namespace *ns = new;

	if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) ||

	    !nsown_capable(CAP_SYS_ADMIN))

	    !ns_capable(current_user_ns(), CAP_SYS_ADMIN))

		return -EPERM;



	/* Ditch state from the old ipc namespace */

kernel/capability.c

+0 −12
Original line number Diff line number Diff line
@@ -432,18 +432,6 @@ bool capable(int cap) 
}

EXPORT_SYMBOL(capable);



/**

 * nsown_capable - Check superior capability to one's own user_ns

 * @cap: The capability in question

 *

 * Return true if the current task has the given superior capability

 * targeted at its own user namespace.

 */

bool nsown_capable(int cap)

{

	return ns_capable(current_user_ns(), cap);

}



/**

 * inode_capable - Check superior capability over inode

 * @inode: The inode in question