summaryrefslogtreecommitdiff
path: root/security/dummy.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/dummy.c')
-rw-r--r--security/dummy.c17
1 files changed, 11 insertions, 6 deletions
diff --git a/security/dummy.c b/security/dummy.c
index c505122e22d..649326bf64e 100644
--- a/security/dummy.c
+++ b/security/dummy.c
@@ -36,14 +36,19 @@ static int dummy_ptrace (struct task_struct *parent, struct task_struct *child)
static int dummy_capget (struct task_struct *target, kernel_cap_t * effective,
kernel_cap_t * inheritable, kernel_cap_t * permitted)
{
- *effective = *inheritable = *permitted = 0;
if (target->euid == 0) {
- *permitted |= (~0 & ~CAP_FS_MASK);
- *effective |= (~0 & ~CAP_TO_MASK(CAP_SETPCAP) & ~CAP_FS_MASK);
+ cap_set_full(*permitted);
+ cap_set_init_eff(*effective);
+ } else {
+ cap_clear(*permitted);
+ cap_clear(*effective);
}
- if (target->fsuid == 0) {
- *permitted |= CAP_FS_MASK;
- *effective |= CAP_FS_MASK;
+
+ cap_clear(*inheritable);
+
+ if (target->fsuid != 0) {
+ *permitted = cap_drop_fs_set(*permitted);
+ *effective = cap_drop_fs_set(*effective);
}
return 0;
}
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-04 06:40:27 +0000