diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-29 20:45:16 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-29 20:45:16 +0200 |
commit | 6203554207728f43cfb9fd48585cd6500da73d42 (patch) | |
tree | a1e486f288c3ef0d29c4367a058fe906ece763e3 | |
parent | Merge branch 'audit.b50' of git://git.kernel.org/pub/scm/linux/kernel/git/vir... (diff) | |
download | linux-6203554207728f43cfb9fd48585cd6500da73d42.tar.xz linux-6203554207728f43cfb9fd48585cd6500da73d42.zip |
drivers/net/tehuti: use proper capability check for raw IO access
Yeah, in practice they both mean "root", but Alan correctly points out
that anybody who gets to do raw IO space accesses should really be using
CAP_SYS_RAWIO rather than CAP_NET_ADMIN.
Pointed-out-by: Alan Cox <alan@lxorguk.ukuu.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r-- | drivers/net/tehuti.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/net/tehuti.c b/drivers/net/tehuti.c index e83b166aa6b9..432e837a1760 100644 --- a/drivers/net/tehuti.c +++ b/drivers/net/tehuti.c @@ -649,7 +649,7 @@ static int bdx_ioctl_priv(struct net_device *ndev, struct ifreq *ifr, int cmd) DBG("%d 0x%x 0x%x\n", data[0], data[1], data[2]); } - if (!capable(CAP_NET_ADMIN)) + if (!capable(CAP_SYS_RAWIO)) return -EPERM; switch (data[0]) { |