Re: [PATCH 5/5] Remove unnecesary capability hooks in rootplug.

From: Chris Wright (chrisw@private)
Date: Thu Aug 25 2005 - 14:12:36 PDT


* serue@private (serue@private) wrote:
> @@ -1527,7 +1533,8 @@ static int selinux_vm_enough_memory(long
>  	int rc, cap_sys_admin = 0;
>  	struct task_security_struct *tsec = current->security;
>  
> -	rc = secondary_ops->capable(current, CAP_SYS_ADMIN);
> +	rc = secondary_ops->capable ?
> +		secondary_ops->capable(current, CAP_SYS_ADMIN) : 0;

I don't think this really makes sense.  It says the default secondary
thinks you have the capablity.  Safe since SELinux double checks, but
not really accurate.

thanks,
-chris



This archive was generated by hypermail 2.1.3 : Thu Aug 25 2005 - 14:13:44 PDT