From fd0bf3d36f3295fbc7c6d4bed34e2d2849764e68 Mon Sep 17 00:00:00 2001
From: Vincent Untz <vuntz@gnome.org>
Date: Fri, 6 May 2011 14:14:21 +0200
Subject: [PATCH] Improved checks for fs capabilities, and drop unneeded ones
If we have fs capabilities, we first need to check that we really do
have ipc_lock, and if that's the case we just keep ipc_lock and drop
everything else.
https://bugzilla.gnome.org/show_bug.cgi?id=649560
---
daemon/gkd-capability.c | 19 +++++++++++++++++--
1 files changed, 17 insertions(+), 2 deletions(-)
diff --git a/daemon/gkd-capability.c b/daemon/gkd-capability.c
|
|
index 5b47f4e..e15200a 100644
|
|
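--- a/daemon/gkd-capability.c
+++ b/daemon/gkd-capability.c
@@ -71,11 +71,26 @@ gkd_capability_obtain_capability_and_drop_privileges (void)
 early_error ("failed dropping capabilities");
 break;
 case CAPNG_FAIL:
- case CAPNG_NONE:
 early_error ("error getting process capabilities");
 break;
+ case CAPNG_NONE:
+ early_error ("insufficient process capabilities");
+ break;
 case CAPNG_PARTIAL: /* File system based capabilities */
- break;
+ if (!capng_have_capability (CAPNG_EFFECTIVE, CAP_IPC_LOCK)) {
+ early_error ("insufficient process capabilities");
+ break;
+ }
+
+ /* Drop all capabilities except ipc_lock */
+ capng_clear (CAPNG_SELECT_BOTH);
+ if (capng_update (CAPNG_ADD,
+ CAPNG_EFFECTIVE|CAPNG_PERMITTED,
+ CAP_IPC_LOCK) != 0)
+ early_error ("error dropping process capabilities");
+ if (capng_apply (CAPNG_SELECT_BOTH) != 0)
+ early_error ("error dropping process capabilities");
+ break;
 }
 #endif /* HAVE_LIBCAPNG */
 }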
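Review bot: In the CAPNG_PARTIAL branch both failure paths rely on `early_error` to stop the daemon; if it returns (its definition is outside this hunk, and the enclosing function starts above it), a failed `capng_update` still falls through to `capng_apply`, and a failed `capng_apply` reaches `break`, so the process would keep running with whatever capabilities it started with. It is worth confirming that `early_error` never returns, or making the fail-closed behaviour explicit at these two call sites. The two failures also share one message; a distinct string for the first, e.g. `early_error ("error updating process capabilities");`, would make a report show which step failed. Separately, `capng_apply (CAPNG_SELECT_BOTH)` also applies the cleared bounding set, which normally requires CAP_SETPCAP, and a binary granted only ipc_lock through file capabilities would presumably not hold it. Selecting `CAPNG_SELECT_CAPS` for the clear and apply may be the safer choice here, to be verified against the libcap-ng versions the project supports.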
--
1.7.4.2