Allow reading tainted flag as user
authorBastian Blank <bastian@waldi.eu.org>
Mon, 23 Apr 2007 21:41:14 +0000 (14:41 -0700)
committerLinus Torvalds <torvalds@woody.linux-foundation.org>
Tue, 24 Apr 2007 15:23:08 +0000 (08:23 -0700)
The commit 34f5a39899f3f3e815da64f48ddb72942d86c366 restricted reading
of the tainted value. The attached patch changes this back to a
write-only check and restores the read behaviour of older versions.

Signed-off-by: Bastian Blank <bastian@waldi.eu.org>
Cc: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
kernel/sysctl.c

index 1b255df4fcd0a4036c1c34fb6da31a0470742f59..c904748f2290d8c48edca2dd451e1d71f4593b49 100644 (file)
@@ -1676,7 +1676,7 @@ static int proc_dointvec_taint(ctl_table *table, int write, struct file *filp,
 {
        int op;
 
-       if (!capable(CAP_SYS_ADMIN))
+       if (write && !capable(CAP_SYS_ADMIN))
                return -EPERM;
 
        op = OP_OR;