Also sprach rhys tucker:
} You need to look at capable() in sched.h
}
} 704 static inline int capable(int cap)
} 705 {
} 706 #if 1 /* ok now */
} 707 if (cap_raised(current->cap_effective, cap))
} 708 #else
} 709 if (cap_is_fs_cap(cap) ? current->fsuid == 0 : current->euid
} == 0)
} 710 #endif
} 711 {
} 712 current->flags |= PF_SUPERPRIV;
} 713 return 1;
} 714 }
} 715 return 0;
} 716 }
}
} You obviously don't understand this or *you* wouldn't have asked in the
} first place. I'll try to help out by pointing out what *I* understand.
}
} 706: I'm really not sure what #if 1 means. if preprocessor commands are
} usually in the form "if defined something". I'll come back to this.
#if 1 simply means that the "then" part of the if-then-else statement
will be used. It has the same effect as if (1) do_this(); else do_that();
does in C (the do_this() will always be called). Doing a #if 0 will
"comment" out a whole section of code which you don't want executed at
that time.
} 709: This is the normal suid/fsuid behaviour. If suid (or fsuid for
} filesystem operations) is NULL, all capabilities tests are passed.
709 is never executed, though...in fact, it'll never appear in the
compiled binary.
--
|| Bill Wendling wendling@ganymede.isdn.uiuc.edu
-
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
IRC Channel: irc.openprojects.net / #kernelnewbies
Web Page: http://www.kernelnewbies.org/
