1
linux/ipc
Michal Clapinski 5563cabdde ipc: check checkpoint_restore_ns_capable() to modify C/R proc files
This commit removes the requirement to be root to modify sem_next_id,
msg_next_id and shm_next_id and checks checkpoint_restore_ns_capable
instead.

Since those files are specific to the IPC namespace, there is no reason
they should require root privileges.  This is similar to ns_last_pid,
which also only checks checkpoint_restore_ns_capable.

[akpm@linux-foundation.org: ipc/ipc_sysctl.c needs capability.h for checkpoint_restore_ns_capable()]

Link: https://lkml.kernel.org/r/20210916163717.3179496-1-mclapinski@google.com
Signed-off-by: Michal Clapinski <mclapinski@google.com>
Reviewed-by: Davidlohr Bueso <dbueso@suse.de>
Reviewed-by: Manfred Spraul <manfred@colorfullife.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2021-11-09 10:02:53 -08:00
..
compat.c
ipc_sysctl.c ipc: check checkpoint_restore_ns_capable() to modify C/R proc files 2021-11-09 10:02:53 -08:00
Makefile
mq_sysctl.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
mqueue.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2021-06-28 20:39:26 -07:00
msg.c memcg: enable accounting of ipc resources 2021-09-03 09:58:12 -07:00
msgutil.c ipc: Use generic ns_common::count 2020-08-19 14:13:52 +02:00
namespace.c memcg: enable accounting for new namesapces and struct nsproxy 2021-09-03 09:58:12 -07:00
sem.c ipc: remove memcg accounting for sops objects in do_semtimedop() 2021-09-14 10:22:11 -07:00
shm.c mm,hugetlb: remove mlock ulimit for SHM_HUGETLB 2021-11-09 10:02:48 -08:00
syscall.c y2038: remove CONFIG_64BIT_TIME 2019-11-15 14:38:27 +01:00
util.c ipc: replace costly bailout check in sysvipc_find_ipc() 2021-09-08 11:50:28 -07:00
util.h ipc/util.c: use binary search for max_idx 2021-07-01 11:06:07 -07:00