patch-2.1.100 linux/ipc/shm.c

Next file: linux/ipc/util.c
Previous file: linux/ipc/sem.c
Back to the patch index
Back to the overall index

diff -u --recursive --new-file v2.1.99/linux/ipc/shm.c linux/ipc/shm.c
@@ -306,7 +306,7 @@
 	switch (cmd) {
 	case SHM_UNLOCK:
 		err = -EPERM;
-		if (!suser())
+		if (!capable(CAP_IPC_LOCK))
 			goto out;
 		err = -EINVAL;
 		if (!(ipcp->mode & SHM_LOCKED))
@@ -318,7 +318,7 @@
 /* Should the pages be faulted in here or leave it to user? */
 /* need to determine interaction with current->swappable */
 		err = -EPERM;
-		if (!suser())
+		if (!capable(CAP_IPC_LOCK))
 			goto out;
 		err = -EINVAL;
 		if (ipcp->mode & SHM_LOCKED)
@@ -347,7 +347,8 @@
 		break;
 	case IPC_SET:
 		if (current->euid == shp->shm_perm.uid ||
-		    current->euid == shp->shm_perm.cuid || suser()) {
+		    current->euid == shp->shm_perm.cuid || 
+		    capable(CAP_SYS_ADMIN)) {
 			ipcp->uid = tbuf.shm_perm.uid;
 			ipcp->gid = tbuf.shm_perm.gid;
 			ipcp->mode = (ipcp->mode & ~S_IRWXUGO)
@@ -359,7 +360,8 @@
 		goto out;
 	case IPC_RMID:
 		if (current->euid == shp->shm_perm.uid ||
-		    current->euid == shp->shm_perm.cuid || suser()) {
+		    current->euid == shp->shm_perm.cuid || 
+		    capable(CAP_SYS_ADMIN)) {
 			shp->shm_perm.mode |= SHM_DEST;
 			if (shp->shm_nattch <= 0)
 				killseg (id);

FUNET's LINUX-ADM group, linux-adm@nic.funet.fi
TCL-scripts by Sam Shen, slshen@lbl.gov