On Wed, 6 Dec 2023 at 20:58, Serge E. Hallyn <serge@xxxxxxxxxx> wrote: > > On Tue, Nov 28, 2023 at 05:03:34PM +0100, Miklos Szeredi wrote: > > - if (!is_path_reachable(m, mnt->mnt_root, &rootmnt)) > > - return capable(CAP_SYS_ADMIN) ? 0 : -EPERM; > > + if (!capable(CAP_SYS_ADMIN) && > > Was there a reason to do the capable check first? In general, > checking capable() when not needed is frowned upon, as it will > set the PF_SUPERPRIV flag. > I synchronized the permission checking with statmount() without thinking about the order. I guess we can change the order back in both syscalls? I also don't understand the reason behind the using the _noaudit() variant. Christian? Thanks, Miklos
