| commit | 62f29babbc60ab572d3cecda981931d3a66123d6 | |
| author | serue@us.ibm.com <serue@us.ibm.com> | |
| Wed, 5 Dec 2007 21:55:36 +0000 (5 13:55 -0800) | ||
| committer | Dave Airlie <airlied@redhat.com> | |
| Tue, 5 Feb 2008 04:33:32 +0000 (5 14:33 +1000) | ||
| tree | 54d041eaaf9fe1db8bb16a0206c53e53d2b7d44b | treesnapshot (tar.gz zip) |
| parent | 1fa4db7d308da04f6644c5cb8eed244c200d4ed5 | commitdiff |
agp: remove uid comparison as security check
In the face of containers and user namespaces, a uid==0 check for
security is not safe. Switch to a capability check.
I'm not sure I picked the right capability, but this being AGP
CAP_SYS_RAWIO seemed to make sense.
Signed-off-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: Dave Airlie <airlied@linux.ie>
In the face of containers and user namespaces, a uid==0 check for
security is not safe. Switch to a capability check.
I'm not sure I picked the right capability, but this being AGP
CAP_SYS_RAWIO seemed to make sense.
Signed-off-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: Dave Airlie <airlied@linux.ie>
| drivers/char/agp/frontend.c | diffblobblamehistory |