Re: [PATCH] Completely honor prctl(PR_SET_KEEPCAPS, 1)

Keith Owens (kaos@ocs.com.au)
Wed, 08 May 2002 23:42:29 +1000


On Wed, 8 May 2002 03:40:11 -0600 (MDT),
Dax Kelson <dax@gurulabs.com> wrote:
>Originally when a process set*uided all capabilities bits were cleared.
>Then sometime later (wish BK went back 3 years), the behaviour was
>modified according to the comment "A process may, via prctl(), elect to
>keep its capabilites when it calls setuid() and switches away from
>uid==0. Both permitted and effective sets will be retained."

FWIW, the change was in 2.2.18-pre18, between October 26 and 29, 2000.

I have all the kernel versions from 2.0.21 (1997) through 2.5.14 in a
set of PRCS repositories. A binary chop on 2.2 found the change in a
few minutes.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/