summaryrefslogtreecommitdiffstats
path: root/net/core/scm.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/core/scm.c')
-rw-r--r--net/core/scm.c17
1 files changed, 7 insertions, 10 deletions
diff --git a/net/core/scm.c b/net/core/scm.c
index ac4aefda0..dd19cf5e0 100644
--- a/net/core/scm.c
+++ b/net/core/scm.c
@@ -45,19 +45,16 @@
static __inline__ int scm_check_creds(struct ucred *creds)
{
- /* N.B. The test for suser should follow the credential check */
- if (suser())
+ if ((creds->pid == current->pid || capable(CAP_SYS_ADMIN)) &&
+ ((creds->uid == current->uid || creds->uid == current->euid ||
+ creds->uid == current->suid) || capable(CAP_SETUID)) &&
+ ((creds->gid == current->gid || creds->gid == current->egid ||
+ creds->gid == current->sgid) || capable(CAP_SETGID))) {
return 0;
- if (creds->pid != current->pid ||
- (creds->uid != current->uid && creds->uid != current->euid &&
- creds->uid != current->suid) ||
- (creds->gid != current->gid && creds->gid != current->egid &&
- creds->gid != current->sgid))
- return -EPERM;
- return 0;
+ }
+ return -EPERM;
}
-
static int scm_fp_copy(struct cmsghdr *cmsg, struct scm_fp_list **fplp)
{
int *fdp = (int*)CMSG_DATA(cmsg);
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-10 02:36:10 +0000