* [PATCH] mount.cifs: remove unnecessary getuid() check in libcap version of toggle_dac_capability
@ 2012-04-19 19:24 Jeff Layton
[not found] ` <1334863493-18978-1-git-send-email-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
0 siblings, 1 reply; 4+ messages in thread
From: Jeff Layton @ 2012-04-19 19:24 UTC (permalink / raw)
To: linux-cifs-u79uwXL29TY76Z2rM5mHXA; +Cc: lmuelle-IBi9RG/b67k
I'm not sure what I was thinking when I added that check in, but it's
been there since the inception. We shouldn't care at all what the
real uid is when we call toggle_dac_capability and indeed we don't
care with the libcap-ng version. Remove that check.
Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
---
mount.cifs.c | 3 ---
1 files changed, 0 insertions(+), 3 deletions(-)
diff --git a/mount.cifs.c b/mount.cifs.c
index 06715dd..c90ce3e 100644
--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -552,9 +552,6 @@ toggle_dac_capability(int writable, int enable)
cap_t caps;
cap_value_t capability = writable ? CAP_DAC_OVERRIDE : CAP_DAC_READ_SEARCH;
- if (getuid() != 0)
- return 0;
-
caps = cap_get_proc();
if (caps == NULL) {
fprintf(stderr, "Unable to get current capability set: %s\n",
--
1.7.7.6
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] mount.cifs: remove unnecessary getuid() check in libcap version of toggle_dac_capability
[not found] ` <1334863493-18978-1-git-send-email-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
@ 2012-04-20 5:34 ` Suresh Jayaraman
[not found] ` <4F90F55D.30909-IBi9RG/b67k@public.gmane.org>
2012-04-20 15:47 ` Jeff Layton
1 sibling, 1 reply; 4+ messages in thread
From: Suresh Jayaraman @ 2012-04-20 5:34 UTC (permalink / raw)
To: Jeff Layton; +Cc: linux-cifs-u79uwXL29TY76Z2rM5mHXA, lmuelle-IBi9RG/b67k
On 04/20/2012 12:54 AM, Jeff Layton wrote:
> I'm not sure what I was thinking when I added that check in, but it's
> been there since the inception. We shouldn't care at all what the
> real uid is when we call toggle_dac_capability and indeed we don't
> care with the libcap-ng version. Remove that check.
No specific comments on the patch itself but I don't understand the
changelog. This code corresponds to the #else part of #ifdef
HAVE_LIBCAP_NG and doesn't have any relevance to the libcap-ng?
Or did you mean we didn't have to consider this check for #ifdef
HAVE_LIBCAP_NG part?
Thanks
Suresh
> Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
> ---
> mount.cifs.c | 3 ---
> 1 files changed, 0 insertions(+), 3 deletions(-)
>
> diff --git a/mount.cifs.c b/mount.cifs.c
> index 06715dd..c90ce3e 100644
> --- a/mount.cifs.c
> +++ b/mount.cifs.c
> @@ -552,9 +552,6 @@ toggle_dac_capability(int writable, int enable)
> cap_t caps;
> cap_value_t capability = writable ? CAP_DAC_OVERRIDE : CAP_DAC_READ_SEARCH;
>
> - if (getuid() != 0)
> - return 0;
> -
> caps = cap_get_proc();
> if (caps == NULL) {
> fprintf(stderr, "Unable to get current capability set: %s\n",
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] mount.cifs: remove unnecessary getuid() check in libcap version of toggle_dac_capability
[not found] ` <4F90F55D.30909-IBi9RG/b67k@public.gmane.org>
@ 2012-04-20 11:56 ` Jeff Layton
0 siblings, 0 replies; 4+ messages in thread
From: Jeff Layton @ 2012-04-20 11:56 UTC (permalink / raw)
To: Suresh Jayaraman; +Cc: linux-cifs-u79uwXL29TY76Z2rM5mHXA, lmuelle-IBi9RG/b67k
On Fri, 20 Apr 2012 11:04:21 +0530
Suresh Jayaraman <sjayaraman-IBi9RG/b67k@public.gmane.org> wrote:
> On 04/20/2012 12:54 AM, Jeff Layton wrote:
> > I'm not sure what I was thinking when I added that check in, but it's
> > been there since the inception. We shouldn't care at all what the
> > real uid is when we call toggle_dac_capability and indeed we don't
> > care with the libcap-ng version. Remove that check.
>
> No specific comments on the patch itself but I don't understand the
> changelog. This code corresponds to the #else part of #ifdef
> HAVE_LIBCAP_NG and doesn't have any relevance to the libcap-ng?
>
Correct. This affects the version of toggle_dac_capability that uses
libcap functions, not libcap-ng.
> Or did you mean we didn't have to consider this check for #ifdef
> HAVE_LIBCAP_NG part?
>
The libcap-ng version of this function never had this check, and I
don't think it should have ever been in the libcap version either. It
probably makes the program not work as a setuid program with regular
old libcap, but I haven't tested that to be sure.
> Thanks
> Suresh
>
> > Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
> > ---
> > mount.cifs.c | 3 ---
> > 1 files changed, 0 insertions(+), 3 deletions(-)
> >
> > diff --git a/mount.cifs.c b/mount.cifs.c
> > index 06715dd..c90ce3e 100644
> > --- a/mount.cifs.c
> > +++ b/mount.cifs.c
> > @@ -552,9 +552,6 @@ toggle_dac_capability(int writable, int enable)
> > cap_t caps;
> > cap_value_t capability = writable ? CAP_DAC_OVERRIDE : CAP_DAC_READ_SEARCH;
> >
> > - if (getuid() != 0)
> > - return 0;
> > -
> > caps = cap_get_proc();
> > if (caps == NULL) {
> > fprintf(stderr, "Unable to get current capability set: %s\n",
>
--
Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] mount.cifs: remove unnecessary getuid() check in libcap version of toggle_dac_capability
[not found] ` <1334863493-18978-1-git-send-email-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
2012-04-20 5:34 ` Suresh Jayaraman
@ 2012-04-20 15:47 ` Jeff Layton
1 sibling, 0 replies; 4+ messages in thread
From: Jeff Layton @ 2012-04-20 15:47 UTC (permalink / raw)
To: Jeff Layton; +Cc: linux-cifs-u79uwXL29TY76Z2rM5mHXA, lmuelle-IBi9RG/b67k
On Thu, 19 Apr 2012 15:24:53 -0400
Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org> wrote:
> I'm not sure what I was thinking when I added that check in, but it's
> been there since the inception. We shouldn't care at all what the
> real uid is when we call toggle_dac_capability and indeed we don't
> care with the libcap-ng version. Remove that check.
>
> Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
> ---
> mount.cifs.c | 3 ---
> 1 files changed, 0 insertions(+), 3 deletions(-)
>
> diff --git a/mount.cifs.c b/mount.cifs.c
> index 06715dd..c90ce3e 100644
> --- a/mount.cifs.c
> +++ b/mount.cifs.c
> @@ -552,9 +552,6 @@ toggle_dac_capability(int writable, int enable)
> cap_t caps;
> cap_value_t capability = writable ? CAP_DAC_OVERRIDE : CAP_DAC_READ_SEARCH;
>
> - if (getuid() != 0)
> - return 0;
> -
> caps = cap_get_proc();
> if (caps == NULL) {
> fprintf(stderr, "Unable to get current capability set: %s\n",
Merged...
--
Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2012-04-20 15:47 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-04-19 19:24 [PATCH] mount.cifs: remove unnecessary getuid() check in libcap version of toggle_dac_capability Jeff Layton
[not found] ` <1334863493-18978-1-git-send-email-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
2012-04-20 5:34 ` Suresh Jayaraman
[not found] ` <4F90F55D.30909-IBi9RG/b67k@public.gmane.org>
2012-04-20 11:56 ` Jeff Layton
2012-04-20 15:47 ` Jeff Layton
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.