| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 26 Aug 2008 22:28:32 +0200 From: Ingo Molnar <mingo@...e.hu> To: Andreas Gruenbacher <agruen@...e.de> Cc: "Andrew G. Morgan" <morgan@...nel.org>, Serge Hallyn <serue@...ibm.com>, linux-kernel@...r.kernel.org Subject: Re: [patch] file capabilities: Add no_file_caps switch * Andreas Gruenbacher <agruen@...e.de> wrote: > +++ b/kernel/sched.c > @@ -8149,6 +8149,15 @@ void __init sched_init(void) > plist_head_init(&init_task.pi_waiters, &init_task.pi_lock); > #endif > > +#ifdef CONFIG_SECURITY_FILE_CAPABILITIES > + /* > + * Because of the reduced scope of CAP_SETPCAP when filesystem > + * capabilities are in effect, it is safe to allow CAP_SETPCAP to > + * be available in the default configuration. > + */ > + init_task.cap_bset = CAP_FULL_SET; > +#endif hm, this doesnt belong into sched.c. You need your own (ifdef-less) init function in init/main.c or so. Ingo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists