diff options
author | rwatson <rwatson@FreeBSD.org> | 2000-09-19 00:10:39 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2000-09-19 00:10:39 +0000 |
commit | 4cfb55034a529f20ca92bb8804078de430c45790 (patch) | |
tree | 2ef4ba7b51a2f02bc1a1991b9eac7a566785030a /lib | |
parent | 22d62449e5360e62e6984955e392db3b3c48ce6e (diff) | |
download | FreeBSD-src-4cfb55034a529f20ca92bb8804078de430c45790.zip FreeBSD-src-4cfb55034a529f20ca92bb8804078de430c45790.tar.gz |
o cap_set_flag() was not correctly clearing capabilities when value
was CAP_CLEAR.
Obtained from: TrustedBSD Project
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libc/posix1e/cap_set_flag.c | 7 | ||||
-rw-r--r-- | lib/libposix1e/cap_set_flag.c | 7 |
2 files changed, 10 insertions, 4 deletions
diff --git a/lib/libc/posix1e/cap_set_flag.c b/lib/libc/posix1e/cap_set_flag.c index 4d3d792..e6e2259 100644 --- a/lib/libc/posix1e/cap_set_flag.c +++ b/lib/libc/posix1e/cap_set_flag.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD$ + * $FreeBSD$ */ /* * TrustedBSD Project - support for POSIX.1e process capabilities @@ -55,7 +55,10 @@ cap_set_flag(cap_t cap_p, cap_flag_t flag, int ncap, cap_value_t caps[], } for (i = 0; i < ncap; i++) - SET_CAPABILITY(mask, caps[i]); + if (value == CAP_SET) + SET_CAPABILITY(mask, caps[i]); + else + UNSET_CAPABILITY(mask, caps[i]); return (0); } diff --git a/lib/libposix1e/cap_set_flag.c b/lib/libposix1e/cap_set_flag.c index 4d3d792..e6e2259 100644 --- a/lib/libposix1e/cap_set_flag.c +++ b/lib/libposix1e/cap_set_flag.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD$ + * $FreeBSD$ */ /* * TrustedBSD Project - support for POSIX.1e process capabilities @@ -55,7 +55,10 @@ cap_set_flag(cap_t cap_p, cap_flag_t flag, int ncap, cap_value_t caps[], } for (i = 0; i < ncap; i++) - SET_CAPABILITY(mask, caps[i]); + if (value == CAP_SET) + SET_CAPABILITY(mask, caps[i]); + else + UNSET_CAPABILITY(mask, caps[i]); return (0); } |