diff options
| author | Robert Love <rml@tech9.net> | 2002-06-04 00:31:55 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@penguin.transmeta.com> | 2002-06-04 00:31:55 -0700 |
| commit | 95c78cd5c06870d4e7fc5c286a6cd53d8e027779 (patch) | |
| tree | a02c1c2149ee35cc11543e1aa140fca071ebb79e /include | |
| parent | a73f75e26e6ca756dd9d4e7b51b101c48240834f (diff) | |
[PATCH] remove suser()
Attached patch replaces the lone remaining suser() call with capable()
and then removes suser() itself in a triumphant celebration of the glory
of capable(). Or something. ;-)
Small cleanup of capable() and some comments, too.
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/compatmac.h | 2 | ||||
| -rw-r--r-- | include/linux/sched.h | 31 |
2 files changed, 5 insertions, 28 deletions
diff --git a/include/linux/compatmac.h b/include/linux/compatmac.h index 72f9151b8a84..1e28380cabb7 100644 --- a/include/linux/compatmac.h +++ b/include/linux/compatmac.h @@ -102,8 +102,6 @@ static inline void *ioremap(unsigned long base, long length) #define my_iounmap(x, b) (((long)x<0x100000)?0:vfree ((void*)x)) -#define capable(x) suser() - #define tty_flip_buffer_push(tty) queue_task(&tty->flip.tqueue, &tq_timer) #define signal_pending(current) (current->signal & ~current->blocked) #define schedule_timeout(to) do {current->timeout = jiffies + (to);schedule ();} while (0) diff --git a/include/linux/sched.h b/include/linux/sched.h index 228d1b979e1e..962e17896067 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -587,24 +587,10 @@ extern void free_irq(unsigned int, void *); * This has now become a routine instead of a macro, it sets a flag if * it returns true (to do BSD-style accounting where the process is flagged * if it uses root privs). The implication of this is that you should do - * normal permissions checks first, and check suser() last. + * normal permissions checks first, and check fsuser() last. * - * [Dec 1997 -- Chris Evans] - * For correctness, the above considerations need to be extended to - * fsuser(). This is done, along with moving fsuser() checks to be - * last. - * - * These will be removed, but in the mean time, when the SECURE_NOROOT - * flag is set, uids don't grant privilege. + * suser() is gone, fsuser() should go soon too... */ -static inline int suser(void) -{ - if (!issecure(SECURE_NOROOT) && current->euid == 0) { - current->flags |= PF_SUPERPRIV; - return 1; - } - return 0; -} static inline int fsuser(void) { @@ -616,19 +602,12 @@ static inline int fsuser(void) } /* - * capable() checks for a particular capability. - * New privilege checks should use this interface, rather than suser() or - * fsuser(). See include/linux/capability.h for defined capabilities. + * capable() checks for a particular capability. + * See include/linux/capability.h for defined capabilities. */ - static inline int capable(int cap) { -#if 1 /* ok now */ - if (cap_raised(current->cap_effective, cap)) -#else - if (cap_is_fs_cap(cap) ? current->fsuid == 0 : current->euid == 0) -#endif - { + if (cap_raised(current->cap_effective, cap)) { current->flags |= PF_SUPERPRIV; return 1; } |