proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-15 10:12:24 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #2829 from brauner/2019-02-08/capabilities

Browse Source 
caps: check uid and euid
This commit is contained in:
Stéphane Graber 2019-02-09 16:57:01 -05:00 committed by GitHub
commit 3e0aac16db
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/lxc/caps.c
View File

@ -136,8 +136,7 @@ int lxc_ambient_caps_up(void)
int last_cap = CAP_LAST_CAP;
char *cap_names = NULL;
/* When we are root, we don't want to play with capabilities. */
if (!getuid())
if (!getuid() || geteuid())
return 0;
caps = cap_get_proc();
@ -204,8 +203,7 @@ int lxc_ambient_caps_down(void)
cap_t caps;
cap_value_t cap;
/* When we are root, we don't want to play with capabilities. */
if (!getuid())
if (!getuid() || geteuid())
return 0;
ret = prctl(PR_CAP_AMBIENT, prctl_arg(PR_CAP_AMBIENT_CLEAR_ALL),