summaryrefslogtreecommitdiff
path: root/include/linux/capability.h
diff options
context:
space:
mode:
authorJ. Bruce Fields <bfields@citi.umich.edu>2009-03-16 18:34:20 -0400
committerJ. Bruce Fields <bfields@citi.umich.edu>2009-03-17 14:55:55 -0400
commit76a67ec6fb79ff3570dcb5342142c16098299911 (patch)
tree45bfd454d59ce611a103d6b63fff08a5cb5d2194 /include/linux/capability.h
parent84f09f46b4ee9e4e9b6381f8af31817516d2091b (diff)
downloadlinux-next-76a67ec6fb79ff3570dcb5342142c16098299911.tar.gz
nfsd: nfsd should drop CAP_MKNOD for non-root
Since creating a device node is normally an operation requiring special privilege, Igor Zhbanov points out that it is surprising (to say the least) that a client can, for example, create a device node on a filesystem exported with root_squash. So, make sure CAP_MKNOD is among the capabilities dropped when an nfsd thread handles a request from a non-root user. Reported-by: Igor Zhbanov <izh1979@gmail.com> Cc: stable@kernel.org Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Diffstat (limited to 'include/linux/capability.h')
-rw-r--r--include/linux/capability.h6
1 files changed, 4 insertions, 2 deletions
diff --git a/include/linux/capability.h b/include/linux/capability.h
index 1b9872556131..4864a43b2b45 100644
--- a/include/linux/capability.h
+++ b/include/linux/capability.h
@@ -393,8 +393,10 @@ struct cpu_vfs_cap_data {
# define CAP_FULL_SET ((kernel_cap_t){{ ~0, ~0 }})
# define CAP_INIT_EFF_SET ((kernel_cap_t){{ ~CAP_TO_MASK(CAP_SETPCAP), ~0 }})
# define CAP_FS_SET ((kernel_cap_t){{ CAP_FS_MASK_B0, CAP_FS_MASK_B1 } })
-# define CAP_NFSD_SET ((kernel_cap_t){{ CAP_FS_MASK_B0|CAP_TO_MASK(CAP_SYS_RESOURCE), \
- CAP_FS_MASK_B1 } })
+# define CAP_NFSD_SET ((kernel_cap_t){{ CAP_FS_MASK_B0 \
+ | CAP_TO_MASK(CAP_SYS_RESOURCE) \
+ | CAP_TO_MASK(CAP_MKNOD), \
+ CAP_FS_MASK_B1 } })
#endif /* _KERNEL_CAPABILITY_U32S != 2 */