author | Lennart Poettering <lennart@poettering.net> | 2023-02-20 12:53:26 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2023-02-20 16:49:45 +0100 |
commit | 3fd5190b5e0f2ba08b12cb53e3c27fc1e54a4496 (patch) | |
tree | 21ee28acaa802c7a16192541729f333eddcf2ad8 /src/core/execute.c | |
parent | 6c5fff017ea460ecda9915654b4d2883fea04ba7 (diff) | |
capability-util: add CAP_MASK_ALL + CAP_MASK_UNSET macros
We should be more careful with distinguishing the cases "all bits set in
caps mask" from "cap mask invalid". We so far mostly used UINT64_MAX for
both, which is not correct though (as it would mean that
AmbientCapabilities=~0 followed by AmbientCapabilities=0 would result
in capability 63 being set, which we don't really allow, since that
means unset).
Diffstat (limited to 'src/core/execute.c')
-rw-r--r-- | src/core/execute.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/core/execute.c b/src/core/execute.c
index 5116a73617..f38a5a41fe 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -5466,7 +5466,7 @@ void exec_context_init(ExecContext *c) {
 for (ExecDirectoryType t = 0; t < _EXEC_DIRECTORY_TYPE_MAX; t++)
 c->directories[t].mode = 0755;
 c->timeout_clean_usec = USEC_INFINITY;
- c->capability_bounding_set = CAP_ALL;
+ c->capability_bounding_set = CAP_MASK_UNSET;
 assert_cc(NAMESPACE_FLAGS_INITIAL != NAMESPACE_FLAGS_ALL);
 c->restrict_namespaces = NAMESPACE_FLAGS_INITIAL;
 c->log_level_max = -1;
@@ -6192,7 +6192,7 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix) {
 fprintf(f, "%sSecure Bits: %s\n", prefix, str);
 }
- if (c->capability_bounding_set != CAP_ALL) {
+ if (c->capability_bounding_set != CAP_MASK_UNSET) {
 _cleanup_free_ char *str = NULL;
 r = capability_set_to_string(c->capability_bounding_set, &str); |
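Review bot: The new default in exec_context_init is a sentinel rather than a mask, and the assignment carries no comment saying so; I would add `/* CAP_MASK_UNSET means "no bounding set configured"; it is not CAP_MASK_ALL and must not be applied as a mask */` above it. Going by the commit message, the two cases used to share UINT64_MAX, so any code that reads c->capability_bounding_set to drop or test capabilities needs to compare against CAP_MASK_UNSET first; those readers are outside this diff, which is limited to src/core/execute.c, and should be checked in the same series. The same distinction applies to the comparison in exec_context_dump in the second hunk, where an explicitly configured full set will presumably now be printed while an unset one is skipped. Both function bodies continue outside their hunks.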