X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=security%2Fcommoncap.c;h=cd90b22d738186a430587c585b9e4f4f58abff1d;hb=43bc926fffd92024b46cafaf7350d669ba9ca884;hp=98114af88bcc72ca030afa7b1822668c561c7b62;hpb=cee37fe97739d85991964371c1f3a745c00dd236;p=linux-2.6.git

diff --git a/security/commoncap.c b/security/commoncap.c
index 98114af88..cd90b22d7 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -7,6 +7,7 @@
  *
  */
 
+#include <linux/capability.h>
 #include <linux/config.h>
 #include <linux/module.h>
 #include <linux/init.h>
@@ -59,8 +60,8 @@ int cap_settime(struct timespec *ts, struct timezone *tz)
 int cap_ptrace (struct task_struct *parent, struct task_struct *child)
 {
 	/* Derived from arch/i386/kernel/ptrace.c:sys_ptrace. */
-	if (!cap_issubset (child->cap_permitted, current->cap_permitted) &&
-	    !capable(CAP_SYS_PTRACE))
+	if (!cap_issubset(child->cap_permitted, parent->cap_permitted) &&
+	    !__capable(parent, CAP_SYS_PTRACE))
 		return -EPERM;
 	return 0;
 }
@@ -149,7 +150,7 @@ void cap_bprm_apply_creds (struct linux_binprm *bprm, int unsafe)
 
 	if (bprm->e_uid != current->uid || bprm->e_gid != current->gid ||
 	    !cap_issubset (new_permitted, current->cap_permitted)) {
-		current->mm->dumpable = 0;
+		current->mm->dumpable = suid_dumpable;
 
 		if (unsafe & ~LSM_UNSAFE_PTRACE_CAP) {
 			if (!capable(CAP_SETUID)) {
@@ -312,7 +313,7 @@ void cap_task_reparent_to_init (struct task_struct *p)
 int cap_syslog (int type)
 {
 	if ((type != 3 && type != 10) &&
-		!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SYSLOG))
+		!vx_capable(CAP_SYS_ADMIN, VXC_SYSLOG))
 		return -EPERM;
 	return 0;
 }