Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / android_kernel_shift_sdm845 / 160da84dbb39443fdade7151bc63a88f8e953077
commit160da84dbb39443fdade7151bc63a88f8e953077[log] [tgz]
authorEric W. Biederman <ebiederm@xmission.com>Tue Jul 02 10:04:54 2013 -0700
committerEric W. Biederman <ebiederm@xmission.com>Fri Aug 30 17:30:39 2013 -0700
treeddc0f7993f773a610b888a75b2a00a2520c053f9
parentdbef0c1c4c5f8ce5d1f5bd8cee092a7afb4ac21b [diff]
userns: Allow PR_CAPBSET_DROP in a user namespace.

As the capabilites and capability bounding set are per user namespace
properties it is safe to allow changing them with just CAP_SETPCAP
permission in the user namespace.

Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Tested-by: Richard Weinberger <richard@nod.at>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
1 file changed
tree: ddc0f7993f773a610b888a75b2a00a2520c053f9
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS