drivers/net/tehuti: use proper capability check for raw IO access
authorLinus Torvalds <torvalds@linux-foundation.org>
Tue, 29 Apr 2008 18:45:16 +0000 (11:45 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Tue, 29 Apr 2008 18:45:16 +0000 (11:45 -0700)
Yeah, in practice they both mean "root", but Alan correctly points out
that anybody who gets to do raw IO space accesses should really be using
CAP_SYS_RAWIO rather than CAP_NET_ADMIN.

Pointed-out-by: Alan Cox <alan@lxorguk.ukuu.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
drivers/net/tehuti.c

index e83b166aa6b9a53aeeb00a70224d10e46660f638..432e837a17607e323021da0d98dccdc310b1705e 100644 (file)
@@ -649,7 +649,7 @@ static int bdx_ioctl_priv(struct net_device *ndev, struct ifreq *ifr, int cmd)
                DBG("%d 0x%x 0x%x\n", data[0], data[1], data[2]);
        }
 
-       if (!capable(CAP_NET_ADMIN))
+       if (!capable(CAP_SYS_RAWIO))
                return -EPERM;
 
        switch (data[0]) {