file capabilities: simplify signal check

Simplify the uid equivalence check in cap_task_kill().  Anyone can kill a
process owned by the same uid.

Without this patch wireshark is reported to fail.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

diff --git a/security/commoncap.c b/security/commoncap.c
index 5aba82679a0bb9e5506628c9190846a1134707e7..bb0c095f5761c7bfc23b4f1782a504a40c8322e4 100644 (file)
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -552,7 +552,7 @@ int cap_task_kill(struct task_struct *p, struct siginfo *info,
         * allowed.
         * We must preserve legacy signal behavior in this case.
         */
-       if (p->euid == 0 && p->uid == current->uid)
+       if (p->uid == current->uid)
                return 0;
 
        /* sigcont is permitted within same session */