Make sure CAP_BINDAT and CAP_CONNECTAT are part of CAP_ALL0.

This makes sure that file descriptors of opened directories will actually get these capabilities. Without this change, bindat() and connectat() don't seem to work for me. MFC after: 2 weeks Reviewed by: rwatson, pjd
author: ed <ed@FreeBSD.org> 2015-01-14 13:03:03 +0000
committer: ed <ed@FreeBSD.org> 2015-01-14 13:03:03 +0000
commit: e0e859773e6e787ee1ca89e7705018f8ae353638 (patch)
tree: a70a384ae87322be017272a43182bbf65b906764
parent: 8bf38c19340378b27480564610633c22767a038c (diff)
download: FreeBSD-src-e0e859773e6e787ee1ca89e7705018f8ae353638.zip
FreeBSD-src-e0e859773e6e787ee1ca89e7705018f8ae353638.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/sys/capsicum.h b/sys/sys/capsicum.h
index 6188811..de113c6 100644
--- a/sys/sys/capsicum.h
+++ b/sys/sys/capsicum.h
@@ -206,10 +206,10 @@
 	 CAP_SETSOCKOPT | CAP_SHUTDOWN)
 
 /* All used bits for index 0. */
-#define	CAP_ALL0		CAPRIGHT(0, 0x0000007FFFFFFFFFULL)
+#define	CAP_ALL0		CAPRIGHT(0, 0x000001FFFFFFFFFFULL)
 
 /* Available bits for index 0. */
-#define	CAP_UNUSED0_40		CAPRIGHT(0, 0x0000008000000000ULL)
+#define	CAP_UNUSED0_42		CAPRIGHT(0, 0x0000020000000000ULL)
 /* ... */
 #define	CAP_UNUSED0_57		CAPRIGHT(0, 0x0100000000000000ULL)
author	ed <ed@FreeBSD.org>	2015-01-14 13:03:03 +0000
committer	ed <ed@FreeBSD.org>	2015-01-14 13:03:03 +0000
commit	e0e859773e6e787ee1ca89e7705018f8ae353638 (patch)
tree	a70a384ae87322be017272a43182bbf65b906764
parent	8bf38c19340378b27480564610633c22767a038c (diff)
download	FreeBSD-src-e0e859773e6e787ee1ca89e7705018f8ae353638.zip FreeBSD-src-e0e859773e6e787ee1ca89e7705018f8ae353638.tar.gz