Attachment #334658 for bug #450536

View | Details | Raw Unified | Return to bug 450536
Collapse All | Expand All

Line Link Here

(-)file_not_specified_in_diff (-10 / +12 lines)
0	-- vsftpd-3.0.2/sysdeputil.c.org 2013-01-05 18:32:13.241288839 +0100	0	++ vsftpd-3.0.2/sysdeputil.c 2013-01-05 19:41:53.038148078 +0100
Lines 561-571 Link Here
561	}	561	}
562	#ifndef VSF_SYSDEP_HAVE_LIBCAP	562	#ifndef VSF_SYSDEP_HAVE_LIBCAP
		563	static struct __user_cap_header_struct sys_cap_head;
563	static int	564	static int
564	do_checkcap(void)	565	do_checkcap(void)
565	{	566	{
		567	int retval;
		568
		569	/* Store preferred version in sys_cap_head */
		570	vsf_sysutil_memclr(&sys_cap_head, sizeof(sys_cap_head));
566	/* EFAULT (EINVAL if page 0 mapped) vs. ENOSYS */	571	/* EFAULT (EINVAL if page 0 mapped) vs. ENOSYS */
567	int retval = capset(0, 0);	572	retval = capset(&sys_cap_head, 0);
		573
568	if (!vsf_sysutil_retval_is_error(retval) \|\|	574	if (!vsf_sysutil_retval_is_error(retval) \|\|
569	vsf_sysutil_get_error() != kVSFSysUtilErrNOSYS)	575	vsf_sysutil_get_error() != kVSFSysUtilErrNOSYS)
570	{	576	{
Lines 579-595 Link Here
579	{	585	{
580	/* n.b. yes I know I should be using libcap!! */	586	/* n.b. yes I know I should be using libcap!! */
581	int retval;	587	int retval;
582	struct __user_cap_header_struct cap_head;	588	struct __user_cap_data_struct cap_data[2];
583	struct __user_cap_data_struct cap_data;
584	__u32 cap_mask = 0;	589	__u32 cap_mask = 0;
585	if (!caps)	590	if (!caps)
586	{	591	{
587	bug("asked to adopt no capabilities");	592	bug("asked to adopt no capabilities");
588	}	593	}
589	vsf_sysutil_memclr(&cap_head, sizeof(cap_head));
590	vsf_sysutil_memclr(&cap_data, sizeof(cap_data));	594	vsf_sysutil_memclr(&cap_data, sizeof(cap_data));
591	cap_head.version = _LINUX_CAPABILITY_VERSION;
592	cap_head.pid = 0;
593	if (caps & kCapabilityCAP_CHOWN)	595	if (caps & kCapabilityCAP_CHOWN)
594	{	596	{
595	cap_mask \|= (1 << CAP_CHOWN);	597	cap_mask \|= (1 << CAP_CHOWN);
Lines 598-606 Link Here
598	{	600	{
599	cap_mask \|= (1 << CAP_NET_BIND_SERVICE);	601	cap_mask \|= (1 << CAP_NET_BIND_SERVICE);
600	}	602	}
601	cap_data.effective = cap_data.permitted = cap_mask;	603	cap_data[0].effective = cap_data[0].permitted = cap_mask;
602	cap_data.inheritable = 0;	604	cap_data[0].inheritable = 0;
603	retval = capset(&cap_head, &cap_data);	605	retval = capset(&sys_cap_head, &cap_data[0]);
604	if (retval != 0)	606	if (retval != 0)
605	{	607	{
606	die("capset");	608	die("capset");

Return to bug 450536