Em Wed, Aug 30, 2000 at 10:49:22PM -0400, Richard Gooch escreveu:
> Arnaldo Carvalho de Melo writes:
> > Hi,
> >
> > Please consider applying.
> >
> > - Arnaldo
> >
> > --- linux-2.4.0-test8-pre1/arch/i386/kernel/mtrr.c Thu Jul 13 01:58:41 2000
> > +++ linux-2.4.0-test8-pre1.acme/arch/i386/kernel/mtrr.c Wed Aug 30 20:52:48
>2000
> > @@ -1427,7 +1427,7 @@
> > char *ptr;
> > char line[LINE_SIZE];
> >
> > - if ( !suser () ) return -EPERM;
> > + if ( !capable(CAP_SYS_ADMIN) ) return -EPERM;
> [...]
> Tigran Aivazian writes:
> > On Sat, 26 Aug 2000, Arnaldo Carvalho de Melo wrote:
> > > - if ((current->tty != tty) && !suser())
> > > + if ((current->tty != tty) && !capable(CAP_SYS_ADMIN))
> >
> > how about fixing mtrr driver to use capabilities as well? Last time I
> > tried it, Richard objected (well, I put a lot of unnecessary stuff at the
> > time so he objected to the entire patch, suser was a small part
> > thereof) but perhaps now we can sneak it in and he won't notice :)
>
> Grumble. Someone tell me why we can't just remove the suser() calls
> entirely and instead test if the file has write access? That's what
> the permissions on the file are for. Read access lets people take a
> look, but write access is required to change anything.
I'll take a look at it tomorrow, maybe some other places can benefit
from this.
- Arnaldo
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.tux.org/lkml/
