]> code.delx.au - pulseaudio/commit
delx.au / code / pulseaudio / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 7e6e3b7) | patch
daemon: Don't rely on prctl(PR_SET_KEEPCAPS, 0) for dropping caps.
authorTanu Kaskinen <tanu.kaskinen@digia.com>
Thu, 5 Apr 2012 12:37:19 +0000 (15:37 +0300)
committerTanu Kaskinen <tanuk@iki.fi>
Thu, 7 Feb 2013 09:59:58 +0000 (11:59 +0200)
commit6db3af66010e6bc281528c1a483082e17f965bbe
tree3b93974895fba51f11443bd83d951447bc10f329tree
parent7e6e3b7044ba47772dbaeea0ef71842ec799f7c6commit | diff
daemon: Don't rely on prctl(PR_SET_KEEPCAPS, 0) for dropping caps.

Capability dropping when changing the user in the system
mode was previously implemented by calling
prctl(PR_SET_KEEPCAPS, 0), but that doesn't necessarily
work. It's possible that the KEEPCAPS flag is locked to 1,
in which case the prctl() call fails with EPERM (this
happens at least on Harmattan). This patch implements
explicit capability dropping after changing the user.
src/daemon/caps.c diff | blob | history
src/daemon/caps.h diff | blob | history
src/daemon/main.c diff | blob | history